rfc2820.txt

来自「RFC 的详细文档！」· 文本 代码 · 共 508 行 · 第 1/2 页

   context means scope of administration). An administrator MUST be able
   to create new partitions at any point in the directory tree, and MUST
   be able to merge a superior and subordinate partition.  An
   administrator MUST be able to configure whether delegated access
   control information from superior partitions is to be accepted or
   not.

   U14.  It MUST be possible to authorize users to traverse directory
   structure even if they are not authorized to examine or modify some
   traversed entries; it MUST also be possible to prohibit this.  The
   tree structure MUST be able to be protected from view if so desired
   by the administrator.

   U15.  It MUST be possible to create publicly readable entries, which
   may be read even by unauthenticated clients.

   U16.  The model for combining multiple access control list entries
   referring to a single individual MUST be easy to understand.

   U17.  Administrator MUST be able to determine where inherited policy
   information comes from, that is, where ACLs are located and which
   ACLs were applied. Where inheritance of ACLs is applied, it must be
   able to be shown how/where that new ACL is derived from.




Stokes, et al.               Informational                      [Page 5]

RFC 2820          Access Control Requirements for LDAP          May 2000


   U18.  It SHOULD be possible for the administrator to configure the
   access control system to permit users to grant additional access
   control rights for entries which they create.

4.  Security Considerations

   Access control is a security consideration.  This documents addresses
   the requirements.

5.  Glossary

   This glossary is intended to aid the novice not versed in depth about
   access control.  It contains a list of terms and their definitions
   that are commonly used in discussing access control [emca].

   Access control - The prevention of use of a resource by unidentified
   and/or unauthorized entities in any other that an authorized manner.

   Access control list - A set of control attributes.  It is a list,
   associated with a security object or a group of security objects.
   The list contains the names of security subjects and the type of
   access that may be granted.

   Access control policy - A set of rules, part of a security policy, by
   which human users, or their representatives, are authenticated and by
   which access by these users to applications and other services and
   security objects is granted or denied.

   Access context - The context, in terms of such variables as location,
   time of day, level of security of the underlying associations, etc.,
   in which an access to a security object is made.

   Authorization - The granting of access to a security object.

   Authorization policy - A set of rules, part of an access control
   policy, by which access by security subjects to security objects is
   granted or denied.  An authorization policy may be defined in terms
   of access control lists, capabilities, or attributes assigned to
   security subjects, security objects, or both.

   Control attributes - Attributes, associated with a security object
   that, when matched against the privilege attributes of a security
   subject, are used to grant or deny access to the security object.  An
   access control list or list of rights or time of day range are
   examples of control attributes.

   Credentials - Data that serve to establish the claimed identity of a
   security subject relative to a given security domain.



Stokes, et al.               Informational                      [Page 6]

RFC 2820          Access Control Requirements for LDAP          May 2000


   Privilege attributes - Attributes, associated with a security subject
   that, when matched against control attributes of a security object,
   are used to grant or deny access to that subject.  Group and role
   memberships are examples of privilege attributes.

   Security attributes - A general term covering both privilege
   attributes and control attributes.  The use of security attributes is
   defined by a security policy.

   Security object - An entity in a passive role to which a security
   policy applies.

   Security policy - A general term covering both access control
   policies and authorization policies.

   Security subject - An entity in an active role to which a security
   policy applies.

6.  References

   [ldap]      Kille, S., Howes, T. and M. Wahl, "Lightweight Directory
               Access Protocol (v3)", RFC 2251, August 1997.

   [ecma]      ECMA, "Security in Open Systems: A Security Framework"
               ECMA TR/46, July 1988.

   [bradner97] Bradner, S., "Key Words for use in RFCs to Indicate
               Requirement Levels", BCP 14, RFC 2119, March 1997.























Stokes, et al.               Informational                      [Page 7]

RFC 2820          Access Control Requirements for LDAP          May 2000


7. Authors' Addresses

   Bob Blakley
   Dascom
   5515 Balcones Drive
   Austin, TX 78731
   USA

   Phone: +1 512 458 4037  ext 5012
   Fax:   +1 512 458 2377
   EMail: blakley@dascom.com


   Ellen Stokes
   IBM
   11400 Burnet Rd
   Austin, TX 78758
   USA

   Phone: +1 512 838 3725
   Fax:   +1 512 838 0156
   EMail: stokes@austin.ibm.com


   Debbie Byrne
   IBM
   11400 Burnet Rd
   Austin, TX 78758
   USA

   Phone: +1 512 838 1930
   Fax:   +1 512 838 8597
   EMail: djbyrne@us.ibm.com


   Prasanta Behera
   Netscape
   501 Ellis Street
   Mountain View, CA 94043
   USA

   Phone: +1 650 937 4948
   Fax:   +1 650 528-4164
   EMail: prasanta@netscape.com







Stokes, et al.               Informational                      [Page 8]

RFC 2820          Access Control Requirements for LDAP          May 2000


8.  Full Copyright Statement

   Copyright (C) The Internet Society (2000).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

   Funding for the RFC Editor function is currently provided by the
   Internet Society.



















Stokes, et al.               Informational                      [Page 9]