[SENTRY-2189] Static Attribute Ingestion - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Patch Available
Priority: Major
Resolution: Unresolved
Affects Version/s: 2.1.0
Fix Version/s: None
Component/s: None
Labels:
- ABAC

Description

Static (file-based) attribute provider for Sentry ABAC.

Attributes are string "tags" used to define a feature of the data which may require additional access control steps for security and compliance.

Since Sentry already provides role-based access control, we must be able to define actions to take on data objects based on attribute/role combinations.

This relationship can be modeled and effectively leveraged at query time with a specialized bidirectional map object providing low latency lookup between Attribute and Object, and vice versa.

Attribute->Object definitions will be provided as a JSON object, or as JSON delta updates to existing definitions. This implementation will parse the definitions into the specialized Java object to provide near-O(1) lookup from Attribute-> Object, and from Object -> Attribute associations.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SENTRY-2189.001.patch
05/Apr/18 21:23
56 kB
Liam Sargent

Activity

People

Assignee:: Anthony Young-Garner

Reporter:: Liam Sargent

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 26/Mar/18 19:11

Updated:: 09/May/18 15:07