Authorization (AZN) API

Available to download
Reference
C908
A generally accepted definition of authorization is the granting of access rights to a subject (for example, a user or a program).
Availability
A generally accepted definition of authorization is the granting of access rights to a subject (for example, a user or a program). Within this definition we need to distinguish between the administrative act of asserting that a subject should be granted access rights (termed 'privilege attributes') and the operational act of allowing a subject to access a resource after determining that they hold the required set of privilege attributes. This Technical Standard defines a generic application programming interface for access control, in systems whose access control facilities conform to the architectural framework described in ISO 10181-3 (Access Control Framework). The API defined in this document does not provide for privilege attribute administration, although it does provide facilities which allow a subject to control which of its privilege attributes are used to authorize a particular access request (such facilities are often called 'least privilege').
More Information
UK ISBN 1859122663
Published 15 Jan 2000
Pages 110
Type Standards
Subject Security
Standards Information
Common Name AZN API
Status Adopted
Service Category Security and Risk Services
Service Access Control Services
Type The Open Group Standard
Usage The API defined in this document does not provide for privilege attribute administration, although it does provide facilities which allow a subject to control which of its privilege attributes are used to authorize a particular access request (such facilities are often called 'least privilege').
Write Your Own Review
Only registered users can write reviews. Please or
© 2023 The Open Group