Access Controls -- service actions (IN or OUT?)

hafner at almaden.ibm.com hafner at almaden.ibm.com
Fri Apr 21 10:35:04 PDT 2000


* From the T10 Reflector (t10 at t10.org), posted by:
* hafner at almaden.ibm.com
*


Folks,
I'm probably shooting myself in the foot with this one, but ...

I've been looking over the way some service actions are split between IN
and OUT and would like to suggest some changes.  Part of the reasons for
change is aesthetic (namely, put all "manage-type" in the OUT column and
all "report-type" in the IN column as much as possible).  The other part of
the reason for change is for some potential enhancements I have in mind for
the future.

So, I'm suggesting the following changes:
1) move CLEAR ACCESS CONTROLS LOG to the OUT command,  and put the
Management Identifier Key and the Log Portion field in the parameter data.

2) Split the MANAGE OVERRIDE LOCKOUT TIMER into two:
--  REPORT OVERRIDE LOCKOUT TIMER (in IN) which will return
    a) the current restart value
    b) the current value of the timer
    c) the Key Overrides Counter
In this IN command, the Management Identifier Key is in the CDB.
-- MANAGE OVERRIDE LOCKOUT TIMER (in OUT) and change
the parameter data to include:
   a) the Management Identifier Key
   b) and the new initial (restart) value.
In this OUT command, a bad Key or no parameter data restarts the timer.

(I had thought to move DISABLE ACCESS CONTROLS, and possibly OVERRIDE MGMT
ID KEY, to IN because the only thing in the parameter data is an 8 byte
Management Identifier Key, and that can fit into the 8 byte field in the
CDB, but these are "manage" commands so they really ought to be in OUT
table.)

I'll hold off editing these changes into rev 8 till Tuesday, 4/25 to give
folks a little while to object.   But I'd like to get rev8 out by end of
day Wed. 4/26.

Jim Hafner


*
* For T10 Reflector information, send a message with
* 'info t10' (no quotes) in the message body to majordomo at t10.org




More information about the T10 mailing list