fabric@lists.hyperledger.org | Hyperledger Fabric Vs Composer ACLs

Home Messages Hashtags Subgroups

Date Date 1 - 3 of 3

Hyperledger Fabric Vs Composer ACLs

Kimheng SOK #7199 Dear all, In Hyperledger Composer Access Control List is define in a file.acl, Where is the equivalent access control list in Hyperledger Fabric to the one in Composer? Bests,
More All Messages By This Member
Brett T Logan <brett.t.logan@...> #7201 There is a finite set of resources you can place an ACL on using the following documentation: https://hyperledger-fabric.readthedocs.io/en/release-1.4/access_control.html To create more fine-grained control you can do Attribute-based Access Control by specify attributes in the x590 identity which can then be used in chaincode to determine if a user should have access to a specific operation at invocation. You can find that doc here: https://github.com/hyperledger/fabric/blob/release-1.1/core/chaincode/lib/cid/README.md#client-identity-chaincode-library Brett Logan Software Engineer, IBM Blockchain Phone: 1-984-242-6890 E-mail: brett.t.logan@... toggle quoted message Show quoted text ----- Original message ----- From: "Kimheng SOK" <sok.kimheng@...> Sent by: fabric@... To: fabric@... Cc: Subject: [EXTERNAL] [Hyperledger Fabric] Hyperledger Fabric Vs Composer ACLs Date: Mon, Nov 18, 2019 3:48 AM Dear all, In Hyperledger Composer Access Control List is define in a file.acl, Where is the equivalent access control list in Hyperledger Fabric to the one in Composer? Bests,
More All Messages By This Member
Kimheng SOK #7204 Dear Brett Logan, Thank for your answer, related to fine-grained access control by adding attributes to identity of the user I found that: 1. It might leak sensitive information of the user inside the certificate 2. It is hard to handle the provenance of the attributes, as administrator could add any attributes as he want to an identity 3. Each time Updating the attributes need to update the Certificate too, so there might be many versions of certificate if we manage to keep it as archive What do you think? Bests, toggle quoted message Show quoted text On Mon, Nov 18, 2019 at 4:53 PM Brett T Logan <Brett.T.Logan@...> wrote: There is a finite set of resources you can place an ACL on using the following documentation: https://hyperledger-fabric.readthedocs.io/en/release-1.4/access_control.html To create more fine-grained control you can do Attribute-based Access Control by specify attributes in the x590 identity which can then be used in chaincode to determine if a user should have access to a specific operation at invocation. You can find that doc here: https://github.com/hyperledger/fabric/blob/release-1.1/core/chaincode/lib/cid/README.md#client-identity-chaincode-library Brett Logan Software Engineer, IBM Blockchain Phone: 1-984-242-6890 E-mail: brett.t.logan@... ----- Original message ----- From: "Kimheng SOK" <sok.kimheng@...> Sent by: fabric@... To: fabric@... Cc: Subject: [EXTERNAL] [Hyperledger Fabric] Hyperledger Fabric Vs Composer ACLs Date: Mon, Nov 18, 2019 3:48 AM Dear all, In Hyperledger Composer Access Control List is define in a file.acl, Where is the equivalent access control list in Hyperledger Fabric to the one in Composer? Bests,
More All Messages By This Member

1 - 3 of 3

1

Previous Topic Next Topic

Home Hashtags Subgroups Terms