What are we currently working on ?

  1. Simple Cloud Identity Management (SCIM) protocol as candidate for (de)provisioning
  2. The recipe book for privilege and access management   https://spaces.at.internet2.edu/display/macepaccman/Privilege+and+Access+Management+Recipes--A+Discussion-starter+Draft
    1. Namespaces for privileges and expressing them through URI and URNs
    2. When to use groups , roles, privileges
    3. Role Hierarchies
    4. Working examples  of Access Management
  3. Using the paccman glossary in other MACE Working Groups
  4. Experiments with the Axiomatics Policy Engine
  5. How can privileges be provisioned into an existing application?

MACE-paccman (Privilege and Access Management) Working Group

The MACE-paccman Working Group provides a venue for discussion and development of access management material in the context of MACE and the Internet2 Middleware Initiative. It is co-chaired by Tom Dopirak, Carnegie Mellon University, and Keith Hazelton, University of Wisconsin - Madison. Working Group Flywheel is Steve Olshansky <steveo AT internet2.edu>.

For editing access to this wiki space, see the instructions at http://middleware.internet2.edu/docs/internet2-spaces-instructions-200703.html

AuthNZ Models

Use Cases


Documents and Presentations