Technologies de l'information - Interconnexion de systèmes ouverts (OSI) - Gestion-systèmes : Objets et attributs de contrôle d'accès
Porté:
The specifications contained herein are applicable to the provision of access control for applications that use OSI management services and protocols.
This Recommendation / International Standard - establishes user requirements for the provision of access control for applications that use OSI management services and protocols; - interprets and applies the general model of access control defined in ITU-T Rec. X.812 / ISO/IEC 10181-3 for use with management applications that use OSI management services and protocols; - defines procedures for the imposition of access control rules in conjunction with the use of OSI management services and protocols; - defines managed object classes and attribute types that
(a) represent some of the access control information that may be used in the provision of access control; and (b) are only for use when the management of the access control information is to be achieved using systems management;
- specifies the protocol that is necessary to exchange the access control information defined in this Recommendation / International Standard, when the exchange is achieved using OSI systems management; - specifies conformance requirements for open systems that claim to support access control for applications that use OSI management services and protocols; - specifies conformance requirements for open systems that claim to support the management of the access control information defined in this Recommendation / International Standard.
The access control information identified by this Recommendation / International Standard may be used in support of access control schemes based on access control lists, capabilities, security labels, and contextual constraints.
This Recommendation / International Standard does not - define an access control policy for applications that use OSI management services and protocols; - define security (or management) domains in which an access control policy may be imposed; - define how the components of an access control function be implemented, nor where those components be located; - specify the form of any access control information that is temporarily or permanently stored in an open system; - specify any access control mechanisms, nor mandate the use of any particular access control mechanism; - mandate that access control information be managed, and if it is to be managed, that management be achieved using OSI systems management; - describe how communicating management application entities act to make access control decisions on behalf of, or for the benefit of any third party; - specify any conformance requirement for the access control parameter defined in this Recommendation / International Standard.
Note : L’information ci-dessus a été recueillie et est diffusée par le Conseil canadien des normes (CCN) pour les besoins de son système de notification centralisé et transparent pour l’élaboration de nouvelles normes. Le système permet aux organismes d’élaboration de normes (OEN) accrédités par le CCN et aux membres du public d’être informés des nouveaux travaux d’élaboration de normes au Canada. Il donne aussi aux OEN accrédités la possibilité de repérer et de résoudre les cas de doubles emplois éventuels dans les normes et les travaux de normalisation.
Les OEN sont eux-mêmes responsables du contenu et de l’exactitude de l’information présentée ici. Cette information n’existe que dans la langue dans laquelle elle a été fournie au CCN.