Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "COSMOS Design 209337"
Jim.gyng.com (Talk | contribs) (→'''Purpose''') |
Jim.gyng.com (Talk | contribs) (→'''GUI Considerations''') |
||
Line 94: | Line 94: | ||
# Ensure full support and compliance with WS-Security | # Ensure full support and compliance with WS-Security | ||
− | |||
− | + | == '''Authentication''' == | |
− | + | COSMOS must support basic user authentication and also support an SSO paradigm. | |
− | + | ||
− | + | ||
− | + | ||
== '''Message Handling Considerations''' == | == '''Message Handling Considerations''' == |
Revision as of 17:49, 10 January 2008
Contents
Scoping of the COSMOS Security Infrastructure
Change History
Name: | Date: | Revised Sections: |
---|---|---|
Jimmy Mohsin | 01/08/2008 |
|
Workload Estimation
Process | Sizing | Names of people doing the work |
---|---|---|
Design | 3 | Jimmy Mohsin |
Code (not part of this ER) | 4 | Dev Team |
Test (not part of this ER) | 4 | QA Team |
Documentation (not part of this ER) | 1 | |
Build and infrastructure (not part of this ER) | 1 | |
Code review, etc. (not part of this ER) | 1 | |
TOTAL | 12 |
Terminologies/Acronyms
The terminologies/acronyms below are commonly used throughout this document. The list below defines each term regarding how it is used in this document:
Term | Definition |
---|---|
User | An entity representing a user in the organization. This is usually a 1:1 relation between a user and a real person |
Security Provider | Software that implements the various aspects of Security |
Account | an object representing an identity that exists on a specific realm / domain – e.g. login account on UNIX or Oracle. A single user may be associated with a multiple accounts |
Role | an application-centric authorization grouping of users (while group is a resource-based authorization grouping of accounts). |
Purpose
This enhancement is associated with bugzilla 209337.
Thsi ER will define / design / document the full scope of the COSMOS Security Infrastructure. This is the master Security ER; underneath it, multiple ERs will be spawned to address specific areas of the Security. Sepcifically, we need to address
- Authentication
- Encryption
- Authorization
- Approaches for implementing security in COSMOS, i.e. type of Security Providers supported
- Determine connection points where a Security Provider plugs into COSMOS
Security Providers supported by COSMOS
COSMOS should allow an adopter to plug in a Security Provider of their choosing. COSMOS must support the following options:
- Provide support and reference implementations for specified industry standard Security Providers, e.g. LDAP.
- Publish guidelines for hooking in Enterprise class Security Providers
- Ensure full support and compliance with WS-Security
Authentication
COSMOS must support basic user authentication and also support an SSO paradigm.
Message Handling Considerations
The COSMOS messages must consider the following guidelines to support i18n:
- Prefix each message with unique message-ids
- Label 3rd party messages when shown from COSMOS
i18n Checklist
Here is a check list to determine whether COSMOS is i18n-ready or not:
- Menus, dialogs and web layouts can tolerate text expansion
- Development language strings are reviewed for meaning and spelling to reduce user confusion and lessen translation errors
- Third-party software used in the product is examined for i18n support
- Consistent terminology is used in messages
- COSMOS runs properly in its base language in all target locales
- Strings are not assembled by concatenation of fragments
- Source code does not contain hard-coded character constants, numeric constants, screen positions, filenames or pathnames that assume a particular language
- String buffers are large enough to handle translated words and phrases
- East Asian editions support line-breaking rules
- All international editions of the program are compiled from one set of source files
- Localizable items are stored in resource files, message tables or message catalogues
- All language editions share a common file format
- Program handles non-homogeneous network environments where machines are operating with different encodings
- No assumptions are made that one character storage element represents one linguistic character
- Code does not use embedded font names or make assumptions about particular fonts being available
- Program displays and prints text using appropriate fonts
- Sorting and case conversion are culturally correct
- Application works correctly on localized editions of the target operating system(s)
- Specific for web internationalization:
- Check middle-tier components for internationalization compliance
- Ensure that information about encoding and locale of data is passed correctly between presentation and backend tiers
Task Breakdown
The following section includes the tasks required to complete this enhancement.
- TBD
Open Issues/Questions
All reviewer feedback should go in the Talk page for 209337.
- Should this ER address the Language Groups issue? Or should this be deemed out of scope since COSMOS 1.0 will not address localization?
- Where does XLIFF fit into the i18n considerations? http://docs.oasis-open.org/xliff/v1.2/cs02/xliff-core.html
--Popescu.ca.ibm.com 13:23, 4 January 2008 (EST)XLIFF is one option for localization support in xml documents.