Subject: RE: [provision-comment] Draft: Glossary of Terms for Provisioning Services Technical Committee (PSTC)

Thanks Raj. I have taken the liberty of adding some definitions and have made a couple of changes here and there. Your original was in pdf, I’ve moved it over to a word doc for interim version control and commenting. I’ll archive everything for now pending use of a doc repository on the Oasis site.

I’m a little behind with my “Document Of Understanding”. I’ll have this available to the group tomorrow (honestly ;-)

On the last call there was agreement on the need to get a better definition of the term “Provisioning”. So far we have the following, what does everyone think?

Provisioning - The process of managing attributes and accounts within the scope of a defined business process or interaction. Provisioning an account or service may involve the creation, modification, deletion, suspension, restoration of a defined set or accounts or attributes.

Provisioning - The self-service management of user identity data (e.g., identity, role) in a centralized manner to resources across an enterprise and external enterprise. The resources may have attributes mapped across to multiple applications. The attributes to these resources may consist of the following actions: Add, Modify, Delete, Suspend, Restore, Search, Notify, etc...

-----Original Message-----

Here is the First Draft of the Glossary of Terms for PSTC. Please comment.

-Gavenraj Sodhi

Provisioning Services Technical Committee (PSTC)

Revision History

Glossary of Terms for Provisioning Services Technical Committee (PSTC)

Account - A set of parameters that define a user’s access to a service. Every service will require a different set of information to give a user access; therefore, the parameters of accounts will differ by service type.

Actor - An entity (i.e. person or system entity) utilizing provisioning, user administration, services. Examples of actors include application programs, security services, any computing or non-computing services, etc. Perhaps actor is effectively synonymous with system or person entity.

Attributes – Functions of the particular resource.

Authorized - A system entity or actor is “authorized” if it is granted a right or a permission or a capability to access a system resource.

External Identity - Unique Identity or an element with respect to a defining domain (e.g., Organization or Party)

Organization - Organization of Persons.

Party - Refers to any person who interacts with the system and/or the network the system is managing.

Person - Represents an individual person.

Provisioning - The self-service management of user identity data (e.g., identity, role) in a centralized manner to resources across an enterprise and external enterprise. The resources may have attributes mapped across to multiple applications. The attributes to these resources may consist of the following actions: Add, Modify, Delete, Suspend, Restore, Search, Notify, etc...

Requesting Authority - Party or system that is authorized to request a resource for the party.

Resource - Any application or service which can be managed for provisioning purposes.

Role - Roles that a person can fulfill within an organization

System - Represents computing entities (e.g., Provisioning System)

Service - A specific type of resource that is not physically obtained by a user, but is accessed periodically by the user.

Other Initiatives to be considering:

DSML (Directory Services Markup Language) - An XML specification for marking up directory services information

SAML (Security Assertions Markup Language) - An XML-based security standard for exchanging authentication and authorization information

XACML (eXtensible Access Control Markup Language) - An XML specification for expressing policies for information access over the Internet

XNSORG (XNS Public Trust Organization) - An XML-based open platform for automated data exchange with global identity, privacy, and permission management capabilities

-------------------------------------------------------------------------------------------

Further definitions will come out when we start diving into use cases.