Jeremy Jeremy
- Role based access control can be a bit of a misnomer
- We all want a silver bullet that provisions and de-provisions resources as people are give attributes
- In practice this often is handled with groups
- The real goal is provisioning based on some central attribute store
- The danger is in creating a one to one relationship between people and goals
- Roles in OpenRegistry are made up of Title and Department (and campus and affiliation in some cases)
- But Roles in OpenRegistry are more like relationships, a way to track information for each SoR, not necessarily for access control
{"serverDuration": 10, "requestCorrelationId": "19b86dcaeeac47b68b62718736ce9812"}