1 / 4

PCLS Security Considerations Policy Framework WG 49 th IETF, San Diego

PCLS Security Considerations Policy Framework WG 49 th IETF, San Diego. Ed Ellesson, ellesson@tivoli.com. PCLS Security Considerations. Background: (developing with Security Area) PCIM passed to Proposed Standard with a security section pointing to subsequent docs for details

kyra-palmer
Download Presentation

PCLS Security Considerations Policy Framework WG 49 th IETF, San Diego

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PCLS Security Considerations Policy Framework WG49th IETF, San Diego Ed Ellesson, ellesson@tivoli.com

  2. PCLS Security Considerations • Background: (developing with Security Area) • PCIM passed to Proposed Standard with a security section pointing to subsequent docs for details • PCLS is the instantiable mapping of PCIM to an ldap-accessible directory representation. • Other docs will subclass PCIM to QOS, IPsec and other domains. • Still other docs will map these subclassed models to directory representations. • Issue: What sec. considerations go into PCLS? • ldap-specific considerations? • Common mapping considerations?

  3. PCLS Security Section Outline (1) • General • Pointer to PCIM • Add pointer to LDAP security docs? (RFC 2829, 2830) • Services and mechanisms, but not the wire • Users • Pointer to PCIM, except there is nothing specific to service users there. • Can’t really say anything about end users,since dependent on application domain…qos, ipsec • Add Policy Servers (PDPs) as users of schema? • Administrators (Leave this to subsequent docs?) • Administrators of schema • Administrators of schema content (instances)

  4. PCLS Security Section Outline (2) • Some Service Topics in PCLS: • Audit Trail Functionality • Access Control/Authorization • Authentication • Integrity/Privacy • Denial of Service • Or should they go in the individual domain specific mapping documents: • QPIM and QDDIM mapping docs • IPSP mapping doc • Work in parallel with domain-specific mapping docs

More Related