...
- Under Key Concepts, regarding the term "system entity."
This term has generic meaning in a CollectionSpace context - since "entity" is so widely used throughout Services layer documentation.
This term may also be used in some security-related discussions, such as this CORBA-related patent application to refer to what JAAS terms "Agents."
One possible approach toward disambiguation: we might consider standardizing, within CollectionSpace documentation and potentially within code, on a more 'human friendly' term, "system actor," which emerged from the discussion in Services Team Design Meeting May 21, 2009, rather than this specific term from RFC 2828. One counter-argument, however, is that "actor" has specific meaning in use cases, and often refers to a real-world entity, rather than any software representation of same. Thoughts? - Aron
- Somewhere near the beginning of Key Concepts, we might note that these concepts use standard Java platform (JAAS) security-related terminology to define entities like Subject, Person, and Agent, and that this terminology may be specific to the Java platform.
Some other security discussions, such as this one relating to security in the context of Microsoft software (note: PDF document), may use some of these same terms quite differently; e.g. "A subject is a program (application) executing on behalf of a principal."
...