Subject: [provision-comment] Draft: Glossary of Terms for Provisioning Services Technical Committee (PSTC)

Here is the First Draft of the Glossary of Terms for PSTC.  Please comment.
-Gavenraj Sodhi

Provisioning Services Technical Committee (PSTC)

Revision History

Draft 01 – v01
12 October 2001
Gavenraj Sodhi
Glossary of Terms

Glossary of Terms for Provisioning Services Technical Committee (PSTC)


Account - A set of parameters that define a user’s access to a service. Every service will require a different set of information to give a user access; therefore, the parameters of accounts will differ by service.


Actor - An entity (i.e. person or system entity) utilizing provisioning, user administration, services. Examples of actors include application programs, security services, any computing or non-computing services, etc. Perhaps actor is effectively synonymous with system or person entity.

Attributes - Functions of the particular resource.

Authorized - A system entity or actor is “authorized” if it is granted a right or a permission or a capability to access a system resource.

Enterprise - Environment within the companies' realm (e.g., Intranet, current corporation employees, temporary employees, contractors).

External Enterprise - Environment which may contain many or all of the following:  Managed Services, contractors, temporary employees, multiple organizations, private to public registry systems.

Identity - Unique Identity or an element with respect to a defining domain (e.g., Organization or Party)

Organization - Organization of Persons.

Party - Refers to any person who interacts with the system and/or the network the system is managing.

Person - Represents an individual person.

Provisioning - The self-service management of user identity data (e.g., identity, role) in a centralized manner to resources across an enterprise and external enterprise. The resources may have attributes mapped across to multiple applications. The attributes to these resources may consist of the following actions: Add, Modify, Delete, Suspend, Restore, Search, Notify, etc.

Requesting Authority - Party or system that is authorized to request a resource for the party.

Resource - Any application or service which can be managed for provisioning purposes.

Role - Roles that a person can fulfill within an organization

System - Represents computing entities (e.g., Provisioning System)

Service - A specific type of resource that is not physically obtained by a user, but is accessed periodically by the user.


Other Initiatives to consider:


DSML (Directory Services Markup Language) - An XML specification for marking up directory services information

SAML (Security Assertions Markup Language) - An XML-based security standard for exchanging authentication and authorization information

XACML (eXtensible Access Control Markup Language) - An XML specification for expressing policies for information access over the Internet

XNSORG (XNS Public Trust Organization) - An XML-based open platform for automated data exchange with global identity, privacy, and permission management capabilities


Further definitions will come out when we start diving into use cases.


