handling security within a usecase

From: Keith (keith_at_notmyrealaddress.com)
Date: 05/31/04

• Next message: Michael Rauscher: "Re: UML "OR" Composition Question"
• Previous message: Jeff Brooks: "Re: Multiple inheritance revisited"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Date: Mon, 31 May 2004 00:35:08 GMT

All,
The consulting company I am with is working on a large-scale project
where access control is fine-grained due to government regulation. As an
example, a record contains information on a person that includes SS#. A
clerk can update the record, but for legal reasons, cannot update or
even view the SS#. The clerk's manager can also update the record, but
*can* view and update the SS#. The ability to see/modify the SS# is the
only difference in functionality presented to the clerk and manager.
The larger issue, perhaps, is how do you folks handle security wrt a use
case? Does the primary actor have access by definition to all the
functionality in the use case, or do you use conditional logic within
the usecase to grant access to fields / alternate paths, etc. when to do
otherwise would require creating additional (identical) use cases?

We have a solution in place that works reasonably well, but I am curious
as to how you folks might handle the problem.

TIA,
Keith

---

• Next message: Michael Rauscher: "Re: UML "OR" Composition Question"
• Previous message: Jeff Brooks: "Re: Multiple inheritance revisited"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Relevant Pages Re: Conversion of data & associated logic from ISAM to RDB ... Pete Dashwood wrote: ... Do not accept the assignment... ... know of too many folks who get told 'be a manager or you'll be fired' then ... Sturgeon's Law that I apply to folks in *any* job - butcher, baker, ... (comp.lang.cobol) Re: Ten Year Old Starting Petition to Change Helmet Law ... money I made........ ... that is what happens at wallmart if you actually show up and do your job. ... that is so rare their that they usually make the folks that can do that for ... a full week a department manager. ... (rec.motorcycles.harley) Re: Conversion of data & associated logic from ISAM to RDB ... Pete Dashwood wrote: ... espousing just might be, perhaps, beyond the capabilities of many folks... ... Do not accept the assignment... ... know of too many folks who get told 'be a manager or you'll be fired' then ... (comp.lang.cobol) Re: after the next accident... ... about the risks of a complex system; ... expertise is in building and analyzing complex systems or folks whose ... the final call belongs to the manager because he's ... manager understands both the upside and downside risks. ... (sci.space.shuttle) Re: multiprocessing managers and socket connection. ... functionality. ... where I start on one machine a manager that is listening and then ... The socket connections to the ... When you use a PIPE, it throws the exception and actually exits; ... (comp.lang.python)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)