[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xacml] [Glossary] PSTC Glossary
Here
is a draft of the glossary being worked on for the provisioning services
technical committee which has some overlap with us.
Ken Yagen -----Original Message-----
From: Darran Rolls [mailto:Darran.Rolls@waveset.com] Sent: Monday, October 15, 2001 8:55 AM To: Gavenraj Sodhi; provision-comment@lists.oasis-open.org; xrpm@yahoogroups.com Subject: [PSTC] RE: [provision-comment] Draft: Glossary of Terms for ProvisioningServices Technical Committee (PSTC) Thanks Raj.
I have taken the
liberty of adding some definitions and have made a couple of changes here and
there. Your original was in pdf, I’ve moved it over to a word doc for interim version
control and commenting. I’ll
archive everything for now pending use of a doc repository on the Oasis
site. I’m a little behind
with my “Document Of Understanding”. I’ll have this available to the group
tomorrow (honestly ;-) On the last call there
was agreement on the need to get a better definition of the term
“Provisioning”. So far we have the
following, what does everyone think? Provisioning
- The process of managing attributes and accounts within the scope of a
defined business process or
interaction. Provisioning an
account or service may involve the creation, modification,
deletion, suspension, restoration of a defined set or accounts or attributes. Provisioning - The
self-service management of user identity data (e.g., identity, role) in
a centralized manner to resources
across an enterprise and external enterprise. The resources may have attributes
mapped across to multiple applications. The attributes to these resources may consist of the
following actions: Add, Modify, Delete, Suspend, Restore, Search, Notify,
etc...
-----Original
Message----- Here is the First Draft of the Glossary of
Terms for PSTC. Please
comment. -Gavenraj
Sodhi Provisioning Services Technical Committee
(PSTC) Revision
History
Glossary
of Terms for Provisioning Services Technical Committee
(PSTC) Account
- A set of parameters that define a user’s access to a
service. Every service will require
a different set of information to give a user access; therefore,
the parameters of accounts will differ by service type. Actor -
An entity (i.e. person or system entity) utilizing
provisioning, user administration,
services. Examples of actors include application programs,
security services,
any computing or non-computing services, etc. Perhaps actor
is effectively
synonymous with system or person entity. Attributes
– Functions of the particular resource. Authorized
- A system entity or actor is “authorized” if it is granted a
right or a permission or a
capability to access a system resource. External
Identity
- Unique Identity or an element with respect to a defining domain (e.g.,
Organization or Party) Organization
- Organization of Persons. Party
- Refers to any person who interacts with the system and/or the network the system
is managing. Person
- Represents an individual person. Provisioning
- The self-service management of user identity data (e.g., identity, role) in a
centralized manner to resources across an enterprise and external
enterprise. The resources may have
attributes mapped across to multiple applications. The attributes to these resources may
consist of the following actions:
Add, Modify, Delete, Suspend, Restore, Search, Notify,
etc... Requesting
Authority - Party or system that is authorized to request a
resource for the party. Resource
- Any application or service which can be managed for provisioning
purposes. Role
- Roles that a person can fulfill within an organization System
- Represents computing entities (e.g., Provisioning System) Service
- A specific type of resource that is not physically obtained
by a user, but is accessed
periodically by the user. Other
Initiatives to be considering: DSML
(Directory Services Markup Language) - An XML specification
for marking up directory services information SAML
(Security Assertions Markup Language) - An XML-based security
standard for exchanging authentication and authorization
information XACML
(eXtensible Access Control Markup Language) - An XML
specification for expressing policies for information access over the Internet
XNSORG
(XNS Public Trust Organization) - An XML-based open platform
for automated data exchange with global identity, privacy, and permission
management capabilities ------------------------------------------------------------------------------------------- Further definitions
will come out when we start diving into use cases.
To unsubscribe from this group, send an email to: xrpm-unsubscribe@yahoogroups.com Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC