You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@directory.apache.org by di...@incubator.apache.org on 2004/06/19 06:48:44 UTC

[Apache Directory Project Wiki] New: JanusHome

   Date: 2004-06-18T21:48:43
   Editor: 24.37.52.157 <>
   Wiki: Apache Directory Project Wiki
   Page: JanusHome
   URL: http://wiki.apache.org/directory/JanusHome

   no comment

New Page:

=== About Janus ===

Janus is an effort to develop an Authentication, Authorization and Accounting framework for
building security infrastructures. Janus is the security sub-project for the Eve directory server.

=== Proposal ===

Following is a proposed direction to drive the development of Janus.

==== Terminology ====

||'''Resource'''||Object of an authorization decision||
||'''Action'''||Operation to be performed on a resource||
||'''Permission'''||An action on a associated resource which is the subject of an authorization decision||
||'''Condition'''||An expression of predicates on a subject (on its principals)||
||'''Rule'''||Definition of an effect of verifying a condition on a permission||
||'''Effect'''||Consequence of verifying a rule: permit or deny||
||'''Policy'''||A set of rules and an algorithm for combining rules||
||'''Policy Set'''||A set of policies (or other policy sets) and an algorithm for combining policies||
||'''Applicable Policy'''||A set of policies and policy sets that apply to a resource||
||'''Context'''||A set of environmental attributes that affects an authorization decision||