dido:public:ra:xapend:xapend.a_glossary:p:pbms
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
dido:public:ra:xapend:xapend.a_glossary:p:pbms [2022/01/19 14:50] nick |
dido:public:ra:xapend:xapend.a_glossary:p:pbms [2022/01/19 17:09] (current) 66.249.64.75 ↷ Links adapted because of a move operation |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| A **Policy Based Management System (PBMS)** is a Framework in which an Access Request received by a [[dido:public:ra:xapend:xapend.a_glossary:p:pep]] is presented to a [[[[dido:public:ra:xapend:xapend.a_glossary:p:pdp]] which retrieves the Authorization Policy data from a Policy Retrieval Point along with data on the Entity requesting access and data on the Target Resource from [[dido:public:ra:xapend:xapend.a_glossary:p:pip | Policy Information Point(s)]] and renders a decision to the PDP. | A **Policy Based Management System (PBMS)** is a Framework in which an Access Request received by a [[dido:public:ra:xapend:xapend.a_glossary:p:pep]] is presented to a [[[[dido:public:ra:xapend:xapend.a_glossary:p:pdp]] which retrieves the Authorization Policy data from a Policy Retrieval Point along with data on the Entity requesting access and data on the Target Resource from [[dido:public:ra:xapend:xapend.a_glossary:p:pip | Policy Information Point(s)]] and renders a decision to the PDP. | ||
| - | Generally, any of the AAA Servers (or Access Control Engines) transactions may retrieve a [[[[dido:public:ra:xapend:xapend.a_glossary:p:policy]] or evaluate an Access Control Policy, and any of the Service Equipment may enforce a policy. Policy Retrieval Points (Policy Repositories) may reside on any of the Access Control Engines or be located elsewhere in the network. | + | Generally, any of the AAA Servers (or [[dido:public:ra:xapend:xapend.a_glossary:a:aec| Access Control Engines (ACEs)]]) transactions may retrieve a [[dido:public:ra:xapend:xapend.a_glossary:p:policy]] or evaluate an [[dido:public:ra:xapend:xapend.a_glossary:a:acp]], and any of the Service Equipment may enforce a policy. [[dido:public:ra:xapend:xapend.a_glossary:p:prp ]] (i.e., [[dido:public:ra:xapend:xapend.a_glossary:d:datastore#definition_2_security | Policy Repositories]]) may reside on any of the ACEs) or be located elsewhere in the network. |
| - | Data against which Access Control Policy conditions are evaluated (such as resource status, session state, or time of day) are accessible at [[dido:public:ra:xapend:xapend.a_glossary:p:pip | Policy Information Points (PIPs)]] and might be accessed using [[dido:public:ra:xapend:xapend.a_glossary:p:pib | Policy Information Blocks (PIBs)]]. | + | Data against which ACP conditions are evaluated (such as resource status, session state, or time of day) are accessible at [[dido:public:ra:xapend:xapend.a_glossary:p:pip | Policy Information Points (PIPs)]] and might be accessed using [[dido:public:ra:xapend:xapend.a_glossary:p:pib | Policy Information Blocks (PIBs)]]. |
| - | A **Policy Based Management System** consists of four main functional Non_normative elements: (following RFC 2904, except for PAP) | + | A **Policy Based Management System** consists of four main functional Non_normative elements: (following [[dido:public:ra:xapend:xapend.b_stds:tech:ietf:2904]], except for [[dido:public:ra:xapend:xapend.a_glossary:p:pap]]) |
dido/public/ra/xapend/xapend.a_glossary/p/pbms.1642621850.txt.gz · Last modified: 2022/01/19 14:50 by nick
