by tnzk 1459 days ago
Recently I've been exploring the idea of an extension to authorization frameworks like OAuth or GNAP where you can authorize not only direct access to your data but also execution of a specific computation (be it a specific revision of a container image) on it. You would review, in advance, what would be done to your data and, if suspicious, just reject. Ideally the web service pulls the container image and runs it on their host, then returns the result of the computation to the third party, keeping your original data secret. You wouldn't have to give the plain data, which would easily be copied, in the first place. The problem is, I'm not sure if the class of applications that can be implemented in this scheme is large enough to be useful.
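An added example, not part of the original post: a sketch of the check the data-holding service could run before executing a third party's image, so that only the exact revision the user reviewed runs. The `ComputeGrant` and `ComputeRequest` records, their field names and the sample values are hypothetical and are not OAuth or GNAP structures; the digest is taken over constructed manifest bytes.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class ComputeGrant:      # hypothetical record of what the user consented to
    client_id: str
    image_digest: str    # "sha256:<hex>" of the manifest the user reviewed
    dataset: str
    expires_at: int      # Unix time

@dataclass(frozen=True)
class ComputeRequest:    # hypothetical request from the third party
    client_id: str
    image_ref: str       # must be "repo@sha256:<hex>", never "repo:tag"
    dataset: str

def manifest_digest(manifest: bytes) -> str:
    return "sha256:" + hashlib.sha256(manifest).hexdigest()

def authorize_execution(grant, request, pulled_manifest, now):
    """Return (allowed, reason) for running the pulled image on the user's data."""
    if now >= grant.expires_at:
        return False, "grant expired"
    if request.client_id != grant.client_id:
        return False, "client mismatch"
    if request.dataset != grant.dataset:
        return False, "dataset not covered by grant"
    _, sep, ref_digest = request.image_ref.partition("@")
    # A tag can be re-pointed after the user's review; only a digest is immutable.
    if not sep or not ref_digest.startswith("sha256:"):
        return False, "image must be referenced by digest, not tag"
    if not hmac.compare_digest(ref_digest, grant.image_digest):
        return False, "image is not the revision the user approved"
    # Re-hash what was actually pulled instead of trusting the registry's answer.
    if not hmac.compare_digest(manifest_digest(pulled_manifest), grant.image_digest):
        return False, "pulled image does not match approved digest"
    return True, "ok"

# Constructed sample data, for illustration only.
REVIEWED = b'{"constructed": "manifest, revision the user reviewed"}'
TAMPERED = b'{"constructed": "manifest, swapped after review"}'
GRANT = ComputeGrant("third-party-app", manifest_digest(REVIEWED),
                     "user/42/records", 2_000_000_000)

def demo(now=1_700_000_000):
    pinned = ComputeRequest("third-party-app",
                            "registry.example/stats@" + GRANT.image_digest,
                            "user/42/records")
    by_tag = ComputeRequest("third-party-app", "registry.example/stats:latest",
                            "user/42/records")
    return [authorize_execution(GRANT, pinned, REVIEWED, now),
            authorize_execution(GRANT, by_tag, REVIEWED, now),
            authorize_execution(GRANT, pinned, TAMPERED, now)]
```

The check covers only which code may run; what the approved computation is allowed to return to the third party is a separate question it does not address.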