Versions Compared

Old Version 102

changes.mady.by.user Emily Eisbruch (internet2.edu)

Saved on

compared with

New Version 103

changes.mady.by.user Mark Scheible (mcnc.org)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

What are we currently working on ?

  1. The recipe for privilege and access management
  2. Preparation for the August 8 AIM online 
  3. Looking at selected use cases with a policy service perspective approach, and modeling using XACML terminology (PAP, PIP, PEP, PDP)
  4. Simple Cloud Identity Management (SCIM) protocol as candidate for (de)provisioning
    1. Namespaces for privileges and expressing them through URI and URNs
    2. When to use groups , roles, privileges
    3. Role Hierarchies
    4. Working examples  of Access Management
  5. Using the paccman glossary in other MACE Working Groups
  6. Experiments with the Axiomatics Policy Engine
  7. How can privileges be provisioned into an existing application?
  8. A mace-wide access management glossary

MACE-paccman (Privilege and Access Management) Working Group

The MACE-paccman Working Group provides a venue for discussion and development of access management material in the context of of MACE and the  and the Internet2 Middleware Initiative. It is co-chaired by Tom Dopirak, Carnegie Mellon University, and Keith Hazelton, University of Wisconsin - Madison. Working Group Flywheel is Steve Olshansky <steveo AT internet2.edu>.

For editing access to this wiki space, see the instructions at at http://middleware.internet2.edu/docs/internet2-spaces-instructions-200703.html

AuthNZ Models

Image Removed

Also see

...

the MACE-paccman website, which includes:

  • minutes of conference calls
  • instructions for subscribing to the mailing list
  • finalized documents and other deliverables, as they become available
  • links to related resources of interest

What are we currently working on ?

  1. The recipe for privilege and access management
  2. Preparation for the August 8 AIM online 
  3. Looking at selected use cases with a policy service perspective approach, and modeling using XACML terminology (PAP, PIP, PEP, PDP)
  4. Simple Cloud Identity Management (SCIM) protocol as candidate for (de)provisioning
    1. Namespaces for privileges and expressing them through URI and URNs
    2. When to use groups , roles, privileges
    3. Role Hierarchies
    4. Working examples  of Access Management
  5. Using the paccman glossary in other MACE Working Groups
  6. Experiments with the Axiomatics Policy Engine
  7. How can privileges be provisioned into an existing application?
  8. A mace-wide access management glossary

AuthNZ Models

Image Added

  •  

Use Cases

Glossary

Documents and Presentations

...