Experimental Physics and Industrial Control System
|
Hi Lewis,
Thank you for your interest in helping me.
The problem is this:
We are going to have several users using Phoebus. Different users have
different permissions to view and to edit, like any other system.
Sometimes a terminal is being used by a low-privileged user, and
sometimes is being used by a high-privileged one, so we need to change
from one user to another, BUT the requirement to meet is pretty clear:
the change has to be made without logging out from the current computer
session. It is not acceptable to log out from the computer session and
to log in using a different user account. Phoebus has to be a closed
ecosystem (please don't ask me why, because that is beyond me). If we
may log out from the computer current session and to log in using a
different account, the problem would be solved, because the OS security
system would be the responsible for solving this situation.
Another possible scene is when a high-privileged user prefers using a
low-privileged account, because he/she only wants to use the
high-privileged account when it is strictly necessary.
Finally, another third situation is when an user want to change
something but, first of all, he/she has to confirm the action using a
password, because only who knows that password may perform that action.
In this case the problem is not about different user accounts, but about
who knows the password.
At the present day, which of the explained situations will be necessary
is unknown. Maybe we are going to use all of them, or maybe only one. I
don't know. Anyway, I need to know how to solve them.
These are the reasons because I need to know how to deal with different
user accounts inside phoebus (I want to highlight it because it is very
important: inside) and how to manage passwords. In all cases, I need to
manage critical data related to security.
Best regards
Óscar
El 21/04/2021 a las 16:02, J. Lewis Muir escribió:
On 04/21, Oscar Ibañez via Tech-talk wrote:
Hi everybody again,
I have a new doubt about Phoebus. Now it is about security.
Is there any recomendable solution to implement username authentication in
Phoebus? I mean, some kind of solution to save critical information
(password hash?) that, then, it will be used to authenticate an user. I have
been reading some information about it, but always in the CSS BOY context.
The explanations that I have found some... well, over the top. I need
something simpler. I don't need Kerberos or something like that.
Best regards.
This sounds like the XY problem [1] to me; what problem are you trying
to solve?
Lewis
[1] https://en.wikipedia.org/wiki/XY_problem
- Replies:
- Re: [EXTERNAL] Re: What is the best (and simple) way to implement security in a Phoebus solution? Kasemir, Kay via Tech-talk
- Re: What is the best (and simple) way to implement security in a Phoebus solution? J. Lewis Muir via Tech-talk
- References:
- What is the best (and simple) way to implement security in a Phoebus solution? Oscar Ibañez via Tech-talk
- Re: What is the best (and simple) way to implement security in a Phoebus solution? J. Lewis Muir via Tech-talk
- Navigate by Date:
- Prev:
State Machines SNL or SEQ records? Manoussakis, Adamandios via Tech-talk
- Next:
Re: [EXTERNAL] What is the best (and simple) way to implement security in a Phoebus solution? Oscar Ibañez via Tech-talk
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
<2021>
2022
2023
2024
- Navigate by Thread:
- Prev:
Re: What is the best (and simple) way to implement security in a Phoebus solution? J. Lewis Muir via Tech-talk
- Next:
Re: [EXTERNAL] Re: What is the best (and simple) way to implement security in a Phoebus solution? Kasemir, Kay via Tech-talk
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
<2021>
2022
2023
2024
|
ANJ, 21 Apr 2021 |
·
Home
·
News
·
About
·
Base
·
Modules
·
Extensions
·
Distributions
·
Download
·
·
Search
·
EPICS V4
·
IRMIS
·
Talk
·
Bugs
·
Documents
·
Links
·
Licensing
·
|