Technical corrigenda #1, 2 and 3 to this standard are available.
ScopeThe specifications contained herein are applicable to the provision of access control for applications that use OSI management services and protocols.
This Recommendation | International Standard
- establishes user requirements for the provision of access control for applications that use OSI management services and protocols
- interprets and applies the general model of access control defined in ITU-T Rec. X.812 | ISO/IEC 10181-3 for use with management applications that use OSI management services and protocols
- defines procedures for the imposition of access control rules in conjunction with the use of OSI management services and protocols
- defines managed object classes and attribute types that
(a) represent some of the access control information that may be used in the provision of access control; and
(b) are only for use when the management of the access control information is to be achieved using systems management
- specifies the protocol that is necessary to exchange the access control information defined in this Recommendation | International Standard, when the exchange is achieved using OSI systems management;
- specifies conformance requirements for open systems that claim to support access control for applications that use OSI management services and protocols;
- specifies conformance requirements for open systems that claim to support the management of the access control information defined in this Recommendation | International Standard.
The access control information identified by this Recommendation | International Standard may be used in support of access control schemes based on access control lists, capabilities, security labels, and contextual constraints.
This Recommendation | International Standard does not
- define an access control policy for applications that use OSI management services and protocols
- define security (or management) domains in which an access control policy may be imposed
- define how the components of an access control function be implemented, nor where those components be located
- specify the form of any access control information that is temporarily or permanently stored in an open system
- specify any access control mechanisms, nor mandate the use of any particular access control mechanism
- mandate that access control information be managed, and if it is to be managed, that management be achieved using OSI systems management
- describe how communicating management application entities act to make access control decisions on behalf of, or for the benefit of any third party
- specify any conformance requirement for the access control parameter defined in this Recommendation | International Standard.