Outbound Access Control Lists (ACLs)
Outbound ACLs provide data record visibility between zones and adaptors. ACLs are a key component of MDM and are part of what is often referred to as the router. Outbound ACLs can be thought of as permissions on out-bound data.
Out-bound data permission is controlled at various levels. See an example of the data access , below.
Source of Data | Destination | Priority |
---|---|---|
Zone[1] | Zone[2] | 1 |
Zone[1].Adaptor[x] | Zone[2] | 2 |
Zone[1].DR[i] | Zone[2] | 3 |
Zone[1].DR[i].DRproperty[X] | Zone[2] | 4 |
Zone[1].Adaptor[x].DRproperty[X] | Zone[2] | 5 |
- At the highest prioirty level (Priority 1), Zone[1] can shut off all outbound data record changes to Zone[2]. At the lowest priority level (Prioirty 5), Zone[1] can shut off sharing a single attribute on a single adaptor (that it owns) to Zone[2].
- Sharing precedence is based on the priority e.g. If Zone[1] has turned off access to Zone[2] (Priority 1), then all other sharing actions are null.
- Permissions for each element are based on REST operations GET, PATCH, POST and DELETE. An additional operation is added for PUSH, where a zone allows another zone to receive real-time changes. However, it may be determined that GET will include PUSH.
Inbound ACLs