[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Two additional references for XACML 2.0
I think it would be good for us to reference the IETF and DMTF/CIM standards from which the concepts and terminology for "PDP" and "PEP" come. Not only is this a common question ("did you guys define this term?"), but if would also be appropriate for us to acknowledge our source. I suggest we also relate these to the corresponding ISO/IEC terms, since another common question is "How do these fit with ADF and AEF?" This could be accomplished by appending text like the following to the existing definitions in our Glossary: Policy decision point (PDP) - <existing def>. This term is defined in a joint effort by the IETF Policy Framework Working Group and the Distributed Management Task Force (DMTF)/Common Information Model (CIM) in [RFC3198]. This term corresponds to "Access Decision Function" (ADF) in [ISO10181-3]. Policy enforcement point (PEP) - <existing def>. This term is defined in a joint effort by the IETF Policy Framework Working Group and the Distributed Management Task Force (DMTF)/Common Information Model (CIM) in [RFC3198]. This term corresponds to "Access Enforcement Function" (AEF) in [ISO10181-3]. The corresponding references are: [RFC3198] IETF RFC 3198: Terminology for Policy-Based Management, November 2001. http://www.ietf.org/rfc/rfc3198.txt [ISO10181-3] ISO/IEC 10181-3:1996 Information technology -- Open Systems Interconnection -- Security frameworks for open systems: Access control framework. Anne -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]