LDAP Schema for Role Based Access Control
draft-bartz-hyperdrive-ldap-rbac-schema-00
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Author | Larry Bartz | ||
Last updated | 1997-10-14 | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
Role Based Access Control (RBAC) is an authorization strategy in which an entity's permission to access and manipulate targeted resources is determined by the entity's role or function within a certain organizational context. RBAC's principal motivation is to streamline security policy administration. Many discrete authoriza- tions can be aggregated within a defined role. One or many roles may be assigned or attributed to individuals. This draft describes LDAP object classes and attributes which support RBAC. Adoption of this schema across multiple LDAP implementations will enable RBAC intero- perability among heterogeneous underlying directory services.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)