ConsideredURFieldsRecordID
Version 1 (Jon Kerr Nilsen, 08/08/2012 04:51 AM)
| 1 | 1 | Jon Kerr Nilsen | h1. List of fields considered for the record identity block of the usage record |
|---|---|---|---|
| 2 | 1 | Jon Kerr Nilsen | |
| 3 | 1 | Jon Kerr Nilsen | The following fields are considered for inclusion in a record identity block in a usage record. Each resources will have its own specific block. This specific block is reserved to the attributes that describes the record identity. |
| 4 | 1 | Jon Kerr Nilsen | |
| 5 | 1 | Jon Kerr Nilsen | ---- |
| 6 | 1 | Jon Kerr Nilsen | |
| 7 | 1 | Jon Kerr Nilsen | h2. RecordIdentityBlock |
| 8 | 1 | Jon Kerr Nilsen | |
| 9 | 1 | Jon Kerr Nilsen | This is the block property of the Usage Record identity field. |
| 10 | 1 | Jon Kerr Nilsen | Example |
| 11 | 1 | Jon Kerr Nilsen | <pre> |
| 12 | 1 | Jon Kerr Nilsen | <ur:RecordIdentityBlock> |
| 13 | 1 | Jon Kerr Nilsen | <!— Identity properties go in here --> |
| 14 | 1 | Jon Kerr Nilsen | </ur:RecordIdentityUsageBlock> |
| 15 | 1 | Jon Kerr Nilsen | </pre> |
| 16 | 1 | Jon Kerr Nilsen | |
| 17 | 1 | Jon Kerr Nilsen | h3. Comments: |
| 18 | 1 | Jon Kerr Nilsen | |
| 19 | 1 | Jon Kerr Nilsen | Ralph: ok |
| 20 | 1 | Jon Kerr Nilsen | Mike J: OK, but perhaps need some more detail: what can we expect to see in this block |
| 21 | 1 | Jon Kerr Nilsen | <pre> |
| 22 | 1 | Jon Kerr Nilsen | <IdentityBlock> |
| 23 | 1 | Jon Kerr Nilsen | <anonymous/> |
| 24 | 1 | Jon Kerr Nilsen | <DN authorisaition="true">string</DN> |
| 25 | 1 | Jon Kerr Nilsen | <uid>n</uid> |
| 26 | 1 | Jon Kerr Nilsen | <ip authorisation="false">n.n.n.n</ip> |
| 27 | 1 | Jon Kerr Nilsen | ... |
| 28 | 1 | Jon Kerr Nilsen | </IdentityBlock> |
| 29 | 1 | Jon Kerr Nilsen | </pre> |
| 30 | 1 | Jon Kerr Nilsen | |
| 31 | 1 | Jon Kerr Nilsen | Jon: Changed this block to be RecordIdentityBlock, moved SubjectIdentity to separate block. |
| 32 | 1 | Jon Kerr Nilsen | |
| 33 | 1 | Jon Kerr Nilsen | ---- |
| 34 | 1 | Jon Kerr Nilsen | |
| 35 | 1 | Jon Kerr Nilsen | h2. recordId |
| 36 | 1 | Jon Kerr Nilsen | |
| 37 | 1 | Jon Kerr Nilsen | A record identity uniquely defines a record in the set of all usage record for the grid |
| 38 | 1 | Jon Kerr Nilsen | implementation. recordId is an opaque string; |
| 39 | 1 | Jon Kerr Nilsen | |
| 40 | 1 | Jon Kerr Nilsen | h3. Comments: |
| 41 | 1 | Jon Kerr Nilsen | |
| 42 | 1 | Jon Kerr Nilsen | Ralph: In StAR we defined two attributes: create time and ID |
| 43 | 1 | Jon Kerr Nilsen | Mike J: OK but if using the StAR example above need to specify that sr:recordId is an opaque string; if you want host info this should be in its own attribute/node |
| 44 | 1 | Jon Kerr Nilsen | Jon: renamed field from RecordIdentity to recordID not to confuse it with RecordIdentityBlock, agree it should be an opaque string. |
| 45 | 1 | Jon Kerr Nilsen | |
| 46 | 1 | Jon Kerr Nilsen | ---- |
| 47 | 1 | Jon Kerr Nilsen | |
| 48 | 1 | Jon Kerr Nilsen | h2. createTime |
| 49 | 1 | Jon Kerr Nilsen | |
| 50 | 1 | Jon Kerr Nilsen | The createTime attribute describes when the record was created. |
| 51 | 1 | Jon Kerr Nilsen | |
| 52 | 1 | Jon Kerr Nilsen | h3. Comments: |
| 53 | 1 | Jon Kerr Nilsen | |
| 54 | 1 | Jon Kerr Nilsen | ---- |
| 55 | 1 | Jon Kerr Nilsen | |
| 56 | 1 | Jon Kerr Nilsen | h2. recorderId |
| 57 | 1 | Jon Kerr Nilsen | |
| 58 | 1 | Jon Kerr Nilsen | The recorderId gives information on who created the record. |
| 59 | 1 | Jon Kerr Nilsen | |
| 60 | 1 | Jon Kerr Nilsen | h3. Comments: |
| 61 | 1 | Jon Kerr Nilsen | |
| 62 | 1 | Jon Kerr Nilsen | --- |
| 63 | 1 | Jon Kerr Nilsen | |
| 64 | 1 | Jon Kerr Nilsen | Mike J: Suggest a mockup for the wiki: The following is an example straw-man of what I would like to see (it is not agreed nor a summary of the above) |
| 65 | 1 | Jon Kerr Nilsen | <pre> |
| 66 | 1 | Jon Kerr Nilsen | <usage> |
| 67 | 1 | Jon Kerr Nilsen | <recordIdentity> |
| 68 | 1 | Jon Kerr Nilsen | <creationTime>[When the record is cut]</creationTime> |
| 69 | 1 | Jon Kerr Nilsen | <recordID>[unique opaque ID]</recordID> |
| 70 | 1 | Jon Kerr Nilsen | <recorderID type="DN">[DN of host cutting the record]</recorderID> || |
| 71 | 1 | Jon Kerr Nilsen | <recorderID type="IP">[IP address of host curring the record]</recorderID> |
| 72 | 1 | Jon Kerr Nilsen | </recordIdentity> |
| 73 | 1 | Jon Kerr Nilsen | <identity> |
| 74 | 1 | Jon Kerr Nilsen | <!-- There may be other examples of the following. One of the following needs to have an attribute defining that it was used for authorisation --> |
| 75 | 1 | Jon Kerr Nilsen | <Id individual="true" type="anonymous"/> || |
| 76 | 1 | Jon Kerr Nilsen | <Id individual="true"type="DN" scope="global|local">[DN]</userId>? |
| 77 | 1 | Jon Kerr Nilsen | <Id individual="true" type="IP" scope="global|local">[IP]</userId>? |
| 78 | 1 | Jon Kerr Nilsen | <Id individual="true" type="UID" scope="site|local">[ID]</userId>? |
| 79 | 1 | Jon Kerr Nilsen | |
| 80 | 1 | Jon Kerr Nilsen | <ID individual="false" type="GID" scope="site|local">[ID]</groupID>? |
| 81 | 1 | Jon Kerr Nilsen | <ID individual="false" type="VOMS"> |
| 82 | 1 | Jon Kerr Nilsen | <authority type="DN">[VOMS AC Issuer/Server certificate]</authority> |
| 83 | 1 | Jon Kerr Nilsen | <method>AC|List|SAML</method> |
| 84 | 1 | Jon Kerr Nilsen | </groupID> |
| 85 | 1 | Jon Kerr Nilsen | <ID individual="false" type="GID" scope="site|local">[GID]</groupID> |
| 86 | 1 | Jon Kerr Nilsen | <ID individual="false" type="IP" scope="local|global"> |
| 87 | 1 | Jon Kerr Nilsen | <IP mask="255.255.0.0">[IP]</IP>+ |
| 88 | 1 | Jon Kerr Nilsen | </groupID> |
| 89 | 1 | Jon Kerr Nilsen | </identity> |
| 90 | 1 | Jon Kerr Nilsen | ... |
| 91 | 1 | Jon Kerr Nilsen | </usage> |
| 92 | 1 | Jon Kerr Nilsen | </pre> |