4.1.7 - Real time access control decision making #2059
Labels
1) Discussion ongoing
Issue is opened and assigned but no clear proposal yet
V4
Temporary label for grouping authorization related issues
_5.0 - prep
This needs to be addressed to prepare 5.0
Note: this is referenced as 4.1.10 in #2033, but I updating the numbering to account for the skipped requirements.
I propose the addition of a new requirement that addresses the need for access decisions to be made on the most current permissions information. For example, let's say a user's access permissions are modified while that user has an active session (i.e. admin revokes access to edit files) - if the system does not check the user's permissions in real time (i.e. instead relying on cached access information), the user would be able to edit a file, which they should no longer be able to do.
The text was updated successfully, but these errors were encountered: