[Dev] Cynara

Jussi Laako jussi.laako at linux.intel.com
Fri Apr 11 07:33:37 GMT 2014


On 10.4.2014 22:15, Schaufler, Casey wrote:
> The big issue I have is that, while I can do something about PIM
> (or any sort of) data, I can't do anything about *abstract* PIM
> data. We have access controls on IPC and on containers, but not
> on the data itself. Identifying the things we can control as
> opposed to the abstractions we like to talk about is the task.

And that's what gSSO was specifically designed to do differently. 
Everybody can access the API, but access control is on the data itself 
and how it can be used...

So also any third party application can store data there, but the data 
doesn't get mixed.

There can also be controlled groups of applications & data, like "Google 
family" or "Facebook family" of apps. So for example gmail and picasa 
could share data. And Facebook and Facebook Messenger could share data. 
But Google apps cannot access Facebook apps' data and vice versa.



More information about the Dev mailing list