[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Two scenarios
They are in the DeAnza glossary which I believe you have. They came from a suggestion by Stephen Farrell who stole it from RFC 2748. I have not distributed the DeAnza glossary because I am anxious to move forward to produce OASIS TC documents rather than perpetuate documents from other groups, however if anyone wants a copy I will be glad to send it to them. The key point is that the PDP, which makes actual decisions to allow or prevent a requested access to a particular resource, may be distinct from the Attribute Authority which knows what attributes some set of users have. Further, even though the PDP may receive information about some user's attributes, it will still follow some sort of policy in turning that into an access decision. Hal > -----Original Message----- > From: Jeff Hodges [mailto:jhodges@oblix.com] > Sent: Thursday, January 25, 2001 3:02 PM > To: security-use@lists.oasis-open.org > Subject: Re: Two scenarios > > > "Edwards, Nigel" wrote: > > > > Hal Lockhart has pointed out that I have incorrectly used the > > terms Policy Decision Point and Policy Enforcement Point in > > the two scenarios I posted to the list earlier. > > Hal -- can you please point to doc(s) that provide PDP & PEP > definitions you do > agree with? > > thanks, > > JeffH >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC