Next: 2.2.2 Authorisation and Obligation
Up: 2.2 Policy Work at
Previous: 2.2 Policy Work at
Contents
The research interest in policies started early with the problem of
access control to resources. In [MoSl 88] policies are
presented to define rules which regulate how people and programs
acting on their behalf can access resources in a computer
system. According to this paper, five components are necessary to
state such rules:
- users
- are the people2.1who want to use resources within the computer system. Users are needed
so that a policy can state what a user is allowed to do.
- resources
- are programs, services and data accessed by users. The policy
specifies what resources a user can access.
- operations
- are the specific operations which can be performed on a resource. Each
resource type has a set of operations it supports. A policy must
specify which operations the user is permitted to invoke on the
resource.
- authority
- is the legitimate power to make policy decisions. The authority can
grant access to resources which are in its authority domain.
- domain
- is a boundary containing resources or users.
Next: 2.2.2 Authorisation and Obligation
Up: 2.2 Policy Work at
Previous: 2.2 Policy Work at
Contents
Copyright Munich Network Management Team