You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by bu...@apache.org on 2015/04/15 22:58:56 UTC
svn commit: r947777 - in /websites/staging/directory/trunk/content: ./
fortress/overview.html
Author: buildbot
Date: Wed Apr 15 20:58:55 2015
New Revision: 947777
Log:
Staging update by buildbot for directory
Modified:
websites/staging/directory/trunk/content/ (props changed)
websites/staging/directory/trunk/content/fortress/overview.html
Propchange: websites/staging/directory/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Wed Apr 15 20:58:55 2015
@@ -1 +1 @@
-1673955
+1673956
Modified: websites/staging/directory/trunk/content/fortress/overview.html
==============================================================================
--- websites/staging/directory/trunk/content/fortress/overview.html (original)
+++ websites/staging/directory/trunk/content/fortress/overview.html Wed Apr 15 20:58:55 2015
@@ -198,7 +198,7 @@
<p>The following technology standards are applied within Fortress...</p>
<h3 id="ansi-role-based-access-control-incits-359">ANSI Role-Based Access Control (INCITS 359)</h3>
<p>There is more to compliance than assigning users to groups and applying ACL policies within directories or databases. <a href="http://csrc.nist.gov/groups/SNS/rbac/documents/draft-rbac-implementation-std-v01.pdf">RBAC</a> systems provide selective Role activation/deactivation, role hierarchies, and constraints over separation of duty. The <a href="http://csrc.nist.gov/groups/SNS/rbac/documents/draft-rbac-implementation-std-v01.pdf">RBAC</a> component provides APIs to add, update, delete, and search the directory data. Fortress provides everything that is needed to exploit the full power of this ANSI specification.</p>
-<p>More info can be found on <a href="user-guide/intro-rbac.html">Intro to ANSI RBAC Page</a></p>
+<p>More info can be found on <a href="user-guide/1-intro-rbac.html">Intro to ANSI RBAC Page</a></p>
<h3 id="java-ee-platform-tm-security"><a href="http://java.net/projects/javaee-spec/pages/Home">Java EE Platform</a> (tm) Security</h3>
<p>Used for SSL, X.509 mutual authentication, form-based container authentication, coarse-grained authorization, SSO and more. Works within compliant Java Web apps like EnMasse policy server. Java EE security is good because its declarative controls keep the development and integration costs low. At the same time, it provides adequate network system security and the business apps run fast due to caching maintained within the app server container. This reduces costs because of fewer round-trips between the application and policy servers.</p>
<h3 id="administrative-role-based-access-control-arbac02">Administrative Role-Based Access Control (<a href="http://profsandhu.com/journals/tissec/p113-oh.pdf">ARBAC02</a>)</h3>