Computerworld - Action: The type of access that is being requested (for example, read, write, create, delete, logged).
Attribute: A specific characteristic of a subject, resource, action or environment in which the access request is made. Attributes could include a user's name, workstation identity, security clearance, the file to which access is desired and the time of day.
Bag: An unordered collection of attributes, used for matching attributes to conditions. Bags may contain duplicate attributes or be empty.
Condition: A simple or complex Boolean function at the heart of a rule.
Effect: The result of an authorization: deny or permit.
Policy: A single access-control policy expressed through a set of rules.
Policy Set: A container of policies, including references to remote policies.
Resource: A device, data element or file for which access is requested.
Subject: The person or computer making a request.
Target: A set of simplified conditions for the subject, resource and action that must be met for a policy set, policy or rule to apply to a given request.
Read more about App Development in Computerworld's App Development Topic Center.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
