-
-
Available Formats
- Availability
- Priced From ( in EUR )
-
Available Formats
-
- Immediate download
- €76.15
- Add to Cart
-
- Printed Edition
- Ships in 1-2 business days
- €76.15
- Add to Cart
Customers Who Bought This Also Bought
-
ASTM E1715-01(2013)
Priced From €76.15 -
ASTM E2118-00
Priced From €59.63 -
ASTM E2403-23
Priced From €45.87 -
ASTM E2782-17(2022)e1
Priced From €71.56
About This Item
Full Description
1.1 This guide defines interoperable mechanisms to manage privileges in a distributed environment. This guide is oriented towards support of a distributed or service-oriented architecture (SOA) in which security services are themselves distributed and applications are consumers of distributed services.
1.2 This guide incorporates privilege management mechanisms alluded to in a number of existing standards (for example, Guide E1986 and Specification E2084). The privilege mechanisms in this guide support policy-based access control (including role-, entity-, and contextual-based access control) including the application of policy constraints, patient-requested restrictions, and delegation. Finally, this guide supports hierarchical, enterprise-wide privilege management.
1.3 The mechanisms defined in this guide may be used to support a privilege management infrastructure (PMI) using existing public key infrastructure (PKI) technology.
1.4 This guide does not specifically support mechanisms based on secret-key cryptography. Mechanisms involving privilege credentials are specified in ISO 9594-8:2000 (attribute certificates) and Organization for the Advancement of Structured Information Standards (OASIS) Security Assertion Markup Language (SAML) (attribute assertions); however, this guide does not mandate or assume the use of such standards.
1.5 Many current systems require only local privilege management functionality (on a single computer system). Such systems frequently use proprietary mechanisms. This guide does not address this type of functionality; rather, it addresses an environment in which privileges and capabilities (authorizations) shall be managed between computer systems across the enterprise and with business partners.