Some of the earliest work of The Open Group Security Forum is around authentication. The X/Open Single Sign-On Service (XSSO) Preliminary Specification was published in 1997, with its Technical Corrigendum following in 1999. The XSSO Preliminary Specification describes a standard interface between applications and sign-on systems so that whatever the underlying technology of the application's authentication technology, they will plug-and-play with a 'coordinating primary' single sign-on system. The Role-Based Access Control (RBAC) standard defines a set of authorizations consistent with the generally accepted tasks assigned to administrative users, granting them the privileges necessary to perform their administrative duties, within a common set of administrative roles to be predefined on UNIX® systems.
Preliminary Specification
- X/Open Single Sign-On Service (XSSO) – Pluggable Authentication †
- X/Open Single Sign-On Service (XSSO) – Pluggable Authentication (Technical Corrigendum 1) †
Standards
- Role-Based Access Control (RBAC)
- Authorization Roles Managed on RBAC (O-ARMOR)
- Authorization (AZN) API
Guide
* denotes a document that has been archived, meaning that the contents remain sound and may be useful to inform future work but there are no plans to update the document.
† denotes a document that has been retired, meaning that the contents are historical and are unlikely to inform future work.