Skip to Content.
Sympa Menu

grouper-users - [grouper-users] TIER Grouper Security Model - GDG V2

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] TIER Grouper Security Model - GDG V2


Chronological Thread 
  • From: "William G. Thompson, Jr." <>
  • To: , TIER-API <>
  • Subject: [grouper-users] TIER Grouper Security Model - GDG V2
  • Date: Thu, 21 Dec 2017 22:39:39 -0500
  • Ironport-phdr: 9a23:vFMj0R/sl1/zlP9uRHKM819IXTAuvvDOBiVQ1KB32ugcTK2v8tzYMVDF4r011RmVBdyds6oMotGVmpioYXYH75eFvSJKW713fDhBt/8rmRc9CtWOE0zxIa2iRSU7GMNfSA0tpCnjYgBaF8nkelLdvGC54yIMFRXjLwp1Ifn+FpLPg8it2O2+54Dfbx9UiDahfLh/MAi4oQLNu8cMnIBsMLwxyhzHontJf+RZ22ZlLk+Nkhj/+8m94odt/zxftPw9+cFAV776f7kjQrxDEDsmKWE169b1uhTFUACC+2ETUmQSkhpPHgjF8BT3VYr/vyfmquZw3jSRMMvrRr42RDui9b9mRh/mhikEKjA37n3Yh9dsjK5Huh+tuwBzz5LWbYyTKfFwfrndfdQfRWdZUMpeVy1BAoe4b4sOFeUBOPtToYjnq1ATsxW+BQ6sBOb3yj9TgX/227U22PklHwHcxgAsEc8FvXPardX6KKcSUee1zKzTwDXMavNZwzb96IzSfh89pvGMWKt9fMzMwkcsDwPIlkucpI35Mz6X0+kNvWuW4PF8We+qhGMrtx19rSWqy8gwloXGm4cYx1Xa+Sh23oo4I8CzRlRhbt6+CpRQsjmXN4toTcMmRGFloCM6xacHuZ6/ZSQK0YgnywLGZ/2IbYSF7QzvWPyeITd/g3Jld7a/iAio/Ue8ze38U9G40FdMriVbjtnBrm4B2h3P5sWFT/Z98ESs1i2T2w3W5exIPVw4mrfeJpE93rI/i58evEHdEiL5hkn6lKqWeV8l+uis5eTneLLmppqEOo56hQH+LqQumsu6AekjPQgOWnKU+eW41LH54UL5R7BKguUskqbFqJDaOdgbpqmhDg9ayIYj7Au/Dy+439QChHUHMUlFdwydj4jyIFzOJPH4Deyjg1S3jjtn3fHGPrv9AprTNHjDlqnufapj50JG1gU80M1f7YpOCr4dOPLzRlPxtNvAAx8lMgy73fznBMxn2YMGWGKCGauZMKLJsV+U/eIjPfOAZI4TuDbhNfcl/fjugmElmVMDZ6Wmw4YYaG3rVshhdkqDZmf0j81EDHwHpBEWTer2hUeEXCIJIXu+QuZ02hAWMsePNaaLEpysjabE1T+6NpxQem1cDF2QSzHle5jSCNkWbyfHaPBgljgFXL3pZMlp6RGpsRfhzLwjZsjOvGdQ4Y3syNhy4sXckBgz8Xp/CMHLgDLFdH19gm5dH2x+56t4u0Eoklo=

Grouper Friends,

In the next version of the Grouper Deployment Guide we'd like to add a
section dealing with the Grouper security model. This section will
describe the privileges associated with Grouper objects (folders,
groups, attributes) along with a strategy for managing those
privileges to achieve various access control goals within Grouper
itself. At a high level this is mostly about who has access to what
objects within Grouper, and how do we managed/audit/maintain those
privileges.

We're interested in distilling community practice into a TIER
recommended approach. This is similar to the approach we took with the
folder and groups section of the first version. We're seeking input
both from folks who already have a local security model/approach, and
from folks who have questions about how to achieve various access
control goals within Grouper.

If you have a long standing or a newish Grouper deployment, how are
you managing Grouper privileges? Have you adopted any organizing
principles to help maintain them? Running any scripts or Grouper rules
to enforce a security model? Adopted a naming convention for grouper
security groups? Doing any audit of grouper privileges?

Please feel free to share directly on this list or contact me directly
at
.

Thanks,
Bill



Archive powered by MHonArc 2.6.19.

Top of Page