Jeremy Jeremy
- Role based access control can be a bit of a misnomer
- We all want a silver bullet that provisions and de-provisions resources as people are give attributes
- In practice this often is handled with groups
- The real goal is provisioning based on some central attribute store
- The danger is in creating a one to one relationship between people and goals
- Roles in OpenRegistry are made up of Title and Department (and campus and affiliation in some cases)
- But Roles in OpenRegistry are more like relationships, a way to track information for each SoR, not necessarily for access control
{"serverDuration": 18, "requestCorrelationId": "284331472d924bb0a17e01ab725d7292"}