...
- The Recipe for Privilege and Access Management
- Looking at feedback from the August 8 AIM onlineIAM Online
- Looking at selected use cases with a policy service perspective approach, and modeling using XACML terminology (PAP, PIP, PEP, PDP)
- Simple Cloud Identity Management (SCIM) protocol as candidate for (de)provisioning
- Namespaces for privileges and expressing them through URI and URNs
- When to use groups , roles, privileges
- Role Hierarchies
- Working examples of Access Management
- Using the paccman glossary in other MACE Working Groups
- Experiments with the Axiomatics Policy Engine
- How can privileges be provisioned into an existing application?
- A mace-wide access management glossary
...
Documents and Presentations
- Chris Phillips IAM online Online presentation from August 2012
- MACE-paccman Working Group slides from Internet2 Member Meeting April 2012
- Session on "Where the Sidewalk Used to End: Privilege and Policy Management Strategies" at the 2011 Internet2 Fall Member Meeting
- Session on "Authorization and Intelligent Design" at 2011 Internet2 Spring Member Meeting (links to netcast and pdf files)
- MACE-paccman slides from Internet2 Member Meeting: April 2009 (pdf)
- MACE-paccman-glossary and comparative taxonomy
- MACE-paccman charter
- Mapping XACML and Signet Terms
- Kuali identity services summary (pdf)
- CMU Identity glossary
- Visual MACE-paccman charter
- Internet2 Privilege Management Survey Final Report - Fall 2008 (updated pdf ~4 MB)
- Categorizing Access Management Use Cases(Rob Carter and Scott Fullerton, June 2009 CAMP in Philadelphia)
- Surfnet Report on Collaboration Infrastructure
- APIs, Objects and Protocols for Access Management
- Oracle Entitlements Server Whitepaper NEW
...