jussi.laako at linux.intel.com
Fri Apr 11 07:33:37 GMT 2014
On 10.4.2014 22:15, Schaufler, Casey wrote:
> The big issue I have is that, while I can do something about PIM
> (or any sort of) data, I can't do anything about *abstract* PIM
> data. We have access controls on IPC and on containers, but not
> on the data itself. Identifying the things we can control as
> opposed to the abstractions we like to talk about is the task.
And that's what gSSO was specifically designed to do differently.
Everybody can access the API, but access control is on the data itself
and how it can be used...
So also any third party application can store data there, but the data
doesn't get mixed.
There can also be controlled groups of applications & data, like "Google
family" or "Facebook family" of apps. So for example gmail and picasa
could share data. And Facebook and Facebook Messenger could share data.
But Google apps cannot access Facebook apps' data and vice versa.
More information about the Dev