Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "Security: Requirements"
(→Requirements) |
|||
Line 7: | Line 7: | ||
* Support login to the platform | * Support login to the platform | ||
* Run with a fully-integrated SecurityManager | * Run with a fully-integrated SecurityManager | ||
+ | * Define domain specific Permissions for eclipse concepts (e.g. ViewPermission, ActionPermission) and make | ||
+ | * Find a way to run non trusted plug-ins in a sandbox | ||
+ | * Make EMF generated code secure: define model specific permissions and use them in the generated code | ||
[[Category:Equinox]] | [[Category:Equinox]] | ||
[[Category:Security|Requirements]] | [[Category:Security|Requirements]] |
Revision as of 22:00, 17 May 2007
Document for collecting Security requirements
Requirements
- Support plugging JCA/JCE classes into the platform dynamically via services or extensions
- Use Java-standard APIs like KeyStore, CertStore, etc. where appropriate for Key management
- Support login to the platform
- Run with a fully-integrated SecurityManager
- Define domain specific Permissions for eclipse concepts (e.g. ViewPermission, ActionPermission) and make
- Find a way to run non trusted plug-ins in a sandbox
- Make EMF generated code secure: define model specific permissions and use them in the generated code