From 92787c159262a57fa20b2eb05ed710e1e6cfca96 Mon Sep 17 00:00:00 2001 From: Martin Ashby Date: Mon, 25 Mar 2024 21:36:21 +0000 Subject: Final conversion to Zine --- content/posts/2023-01-31-oso.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'content/posts/2023-01-31-oso.md') diff --git a/content/posts/2023-01-31-oso.md b/content/posts/2023-01-31-oso.md index cace628..1ca57c2 100644 --- a/content/posts/2023-01-31-oso.md +++ b/content/posts/2023-01-31-oso.md @@ -1,9 +1,9 @@ --- -title: "Authorization and search operations" -date: 2023-01-31T21:14:06Z -draft: false -params: - comments: true +.title = "Authorization and search operations", +.author = "Martin Ashby", +.date = @date("2023-01-31T21:14:06Z"), +.layout = "single.html", +.custom = {"comments": true}, --- Background: at work I help to build a [SAAS](https://en.wikipedia.org/wiki/Software_as_a_service) web application for healthcare. An important aspect of our web application is [authorization](https://csrc.nist.gov/glossary/term/authorization). It's a pretty hard problem, because the business has a fairly complex set of rules about who can see what data. The rules involve attributes of the [subject](https://csrc.nist.gov/glossary/term/subject) and [object](https://csrc.nist.gov/glossary/term/object), and the direct or indirect (e.g. via a group) relationship between them. It's also a pretty important problem; healthcare data is typically very sensitive and we need to obey the law and keep our users' trust in order to provide useful services. The problem is also constrained by speed; in order to render a web page in a reasonable time e.g. under a second, data must be fetched and authorized in just a few milliseconds. -- cgit v1.2.3-ZIG
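Review bot: the removed `draft: false` line in the front-matter hunk of content/posts/2023-01-31-oso.md has no counterpart among the added fields (`.title`, `.author`, `.date`, `.layout`, `.custom`), so whether the post is published now depends on the new format's default. Either carry the flag over explicitly or confirm the default and note it in the commit message, which currently has only a subject line. The same hunk moves `comments: true` from under `params:` to `.custom = {"comments": true}`, so any template that read the old params key has to read the custom map instead. This view is limited to the one file, so that template change cannot be checked here.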