Focusing on the generalization of concepts, functionality, and overall processes involved in the creation of a secure 'network of trusted data' , the IDS-RAM resides at a higher abstraction level than common architecture models of concrete software solutions do. The document provides an overview and dedicated architecture specifications.
Creative Commons Attribution 4.0 International
38
stars
27
forks
source link
App Store and Data Apps: chapter does not consider usage policies for apps. #211
The section 4.1.4 Securing Applications mentions usage policies, e.g. to add licencing information, for IDS apps.
The section 3.5.3 App Store and Data Apps does not mention policies at all (neither usage policies nor access policies). It could be beneficial to incorporate the concept of policies at this point. (at least mention and link to a more detailed section).
3.5.3. App Store and Data Apps: explicitly mention that "Publish and Maintain IDS App" can include licensing and usage policy information. Going into details with this would most likely require changes to the IDS Infor Model describing apps.
3.4.5. Publishing and using Data Apps: change the "Retrieve IDS App" process to include an additional step before "Deploy IDS App" to verify that the licensing / usage policy restrictions are respected before the app is deployed.
I will try to execute these changes in the next couple of weeks.
The section 4.1.4 Securing Applications mentions usage policies, e.g. to add licencing information, for IDS apps.
The section 3.5.3 App Store and Data Apps does not mention policies at all (neither usage policies nor access policies). It could be beneficial to incorporate the concept of policies at this point. (at least mention and link to a more detailed section).