aboutsummaryrefslogtreecommitdiff
path: root/content/posts/2023-01-31-oso.md
diff options
context:
space:
mode:
authorMartin Ashby <martin@ashbysoft.com>2024-03-25 21:36:21 +0000
committerMartin Ashby <martin@ashbysoft.com>2024-03-25 21:36:21 +0000
commit92787c159262a57fa20b2eb05ed710e1e6cfca96 (patch)
tree508cab2af110a063767564571a98d157926bfb05 /content/posts/2023-01-31-oso.md
parente12c0d23ad72ffa9389d90311453db535f57e450 (diff)
downloadmfashby.net-92787c159262a57fa20b2eb05ed710e1e6cfca96.tar.gz
mfashby.net-92787c159262a57fa20b2eb05ed710e1e6cfca96.tar.bz2
mfashby.net-92787c159262a57fa20b2eb05ed710e1e6cfca96.tar.xz
mfashby.net-92787c159262a57fa20b2eb05ed710e1e6cfca96.zip
Final conversion to Zine
Diffstat (limited to 'content/posts/2023-01-31-oso.md')
-rw-r--r--content/posts/2023-01-31-oso.md10
1 files changed, 5 insertions, 5 deletions
diff --git a/content/posts/2023-01-31-oso.md b/content/posts/2023-01-31-oso.md
index cace628..1ca57c2 100644
--- a/content/posts/2023-01-31-oso.md
+++ b/content/posts/2023-01-31-oso.md
@@ -1,9 +1,9 @@
---
-title: "Authorization and search operations"
-date: 2023-01-31T21:14:06Z
-draft: false
-params:
- comments: true
+.title = "Authorization and search operations",
+.author = "Martin Ashby",
+.date = @date("2023-01-31T21:14:06Z"),
+.layout = "single.html",
+.custom = {"comments": true},
---
Background: at work I help to build a [SAAS](https://en.wikipedia.org/wiki/Software_as_a_service) web application for healthcare. An important aspect of our web application is [authorization](https://csrc.nist.gov/glossary/term/authorization). It's a pretty hard problem, because the business has a fairly complex set of rules about who can see what data. The rules involve attributes of the [subject](https://csrc.nist.gov/glossary/term/subject) and [object](https://csrc.nist.gov/glossary/term/object), and the direct or indirect (e.g. via a group) relationship between them. It's also a pretty important problem; healthcare data is typically very sensitive and we need to obey the law and keep our users' trust in order to provide useful services. The problem is also constrained by speed; in order to render a web page in a reasonable time e.g. under a second, data must be fetched and authorized in just a few milliseconds.