directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Karasulu" <akaras...@apache.org>
Subject [Triplesec] [AuthZ] Applications and Roles
Date Wed, 24 Oct 2007 17:25:13 GMT
Applications and Roles
---------------------------------

Application designers devise security permissions and roles specific to
applications.  These
roles represent a set of rights authorizing principals to perform operations
or access resources
that must be allowed to fulfill a specific coherent function within
applications.  These rights to
access resources are the permissions.  The set of these permissions, needed
for a logical
function to be conducted in the application, is a role.

To be concise we extract the following glossary definitions:

Permission:
   A right required by a system or application to authorize principals to
perform a
   specific operation or access a resource in some manner.

Role:
   A set of permissions required by a principal to be authorized to fulfill
a logical function
   within a system or application.

Thanks,
Alex

Mime
View raw message