OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-use message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: Two scenarios

They are in the DeAnza glossary which I believe you have. They came from a
suggestion by Stephen Farrell who stole it from RFC 2748. I have not
distributed the DeAnza glossary because I am anxious to move forward to
produce OASIS TC documents rather than perpetuate documents from other
groups, however if anyone wants a copy I will be glad to send it to them.

The key point is that the PDP, which makes actual decisions to allow or
prevent a requested access to a particular resource, may be distinct from
the Attribute Authority which knows what attributes some set of users have.
Further, even though the PDP may receive information about some user's
attributes, it will still follow some sort of policy in turning that into an
access decision.


> -----Original Message-----
> From: Jeff Hodges [mailto:jhodges@oblix.com]
> Sent: Thursday, January 25, 2001 3:02 PM
> To: security-use@lists.oasis-open.org
> Subject: Re: Two scenarios
> "Edwards, Nigel" wrote:
> > 
> > Hal Lockhart has pointed out that I have incorrectly used the
> > terms Policy Decision Point and Policy Enforcement Point in
> > the two scenarios I posted to the list earlier.
> Hal -- can you please point to doc(s) that provide PDP & PEP 
> definitions you do
> agree with?
> thanks,
> JeffH

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC