Open pdeliasson opened 4 years ago
How can/should we handle "network identities" like AD kerberos tokens, SAML and oauth tickets?
We need to understand if these can be modeled by methodology or if we need to create additional assets.
This question also includes to how these networked identities are linked to local privileges on endpoint systems.
This card is relevant to this issue: https://github.com/mal-lang/coreLang/projects/2#card-36340793
More notes:
Policy
How can/should we handle "network identities" like AD kerberos tokens, SAML and oauth tickets?
We need to understand if these can be modeled by methodology or if we need to create additional assets.
This question also includes to how these networked identities are linked to local privileges on endpoint systems.