dido:public:ra:xapend:xapend.a_glossary:p:pbms
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
dido:public:ra:xapend:xapend.a_glossary:p:pbms [2022/01/19 14:45] nick created |
dido:public:ra:xapend:xapend.a_glossary:p:pbms [2022/01/19 17:09] (current) 66.249.64.75 ↷ Links adapted because of a move operation |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Policy Based Management System (PBMS) ====== | ====== Policy Based Management System (PBMS) ====== | ||
| - | A **Policy Based Management System (PBMS)** is a Framework in which an Access Request received by a Policy Enforcement Point (PEP) is presented to a Policy Decision Point which retrieves the Authorization Policy data from a Policy Retrieval Point along with data on the Entity requesting access and data on the Target Resource from Policy Information Point(s) and renders a decision to the Policy Decision Point. | + | A **Policy Based Management System (PBMS)** is a Framework in which an Access Request received by a [[dido:public:ra:xapend:xapend.a_glossary:p:pep]] is presented to a [[[[dido:public:ra:xapend:xapend.a_glossary:p:pdp]] which retrieves the Authorization Policy data from a Policy Retrieval Point along with data on the Entity requesting access and data on the Target Resource from [[dido:public:ra:xapend:xapend.a_glossary:p:pip | Policy Information Point(s)]] and renders a decision to the PDP. |
| - | Generally, any of the AAA Servers (or Access Control Engines) transactions may retrieve a policy or evaluate a Access Control Policy, and any of the Service Equipment may enforce a policy. Policy Retrieval Points (Policy Repositories) may reside on any of the Access Control Engines or be located elsewhere in the network. | + | Generally, any of the AAA Servers (or [[dido:public:ra:xapend:xapend.a_glossary:a:aec| Access Control Engines (ACEs)]]) transactions may retrieve a [[dido:public:ra:xapend:xapend.a_glossary:p:policy]] or evaluate an [[dido:public:ra:xapend:xapend.a_glossary:a:acp]], and any of the Service Equipment may enforce a policy. [[dido:public:ra:xapend:xapend.a_glossary:p:prp ]] (i.e., [[dido:public:ra:xapend:xapend.a_glossary:d:datastore#definition_2_security | Policy Repositories]]) may reside on any of the ACEs) or be located elsewhere in the network. |
| - | Data against which Access Control Policy conditions are evaluated (such as resource status, session state, or time of day) are accessible at Policy Information Points (PIPs) and might be accessed using Policy Information Blocks (PIBs). | + | Data against which ACP conditions are evaluated (such as resource status, session state, or time of day) are accessible at [[dido:public:ra:xapend:xapend.a_glossary:p:pip | Policy Information Points (PIPs)]] and might be accessed using [[dido:public:ra:xapend:xapend.a_glossary:p:pib | Policy Information Blocks (PIBs)]]. |
| - | A Policy Based Management System consists of four main functional Non_normative elements: (following RFC 2904, except for PAP) | + | A **Policy Based Management System** consists of four main functional Non_normative elements: (following [[dido:public:ra:xapend:xapend.b_stds:tech:ietf:2904]], except for [[dido:public:ra:xapend:xapend.a_glossary:p:pap]]) |
dido/public/ra/xapend/xapend.a_glossary/p/pbms.1642621522.txt.gz · Last modified: 2022/01/19 14:45 by nick
