Policy Core Information Model -- Version 1 Specification
Voir toute la rfc dans une seule page
Page : 61 / 100
Télécharger le PDF
Auteur(s) :
B. Moore,
J. Strassner,
E. Ellesson,
A. Westerinen
Classé sous :
Common,
Schema,
Cim,
Object-oriented
RFC 3060 Policy Core Information Model February 2001
Even though specific security requirements are not appropriate for
PCIM, specific security requirements MUST be defined for each
operational real- world application of PCIM. Just as there will be a
wide range of operational, real-world systems using PCIM, there will
also be a wide range of security requirements for these systems.
Some operational, real-world systems that are deployed using PCIM may
have extensive security requirements that impact nearly all classes
and subclasses utilized by such a system, while other systems'
security requirements might have very little impact.
The derivative documents, discussed above, will create the context
for applying operational, real-world, system-level security
requirements against the various models which derive from PCIM.
For example, in some real-world scenarios, the values associated with
certain properties, within certain instantiated classes, may
represent information associated with scarce, and/or costly (and
therefore valuable) resources. It may be the case that these values
must not be disclosed to, or manipulated by, unauthorized parties.
As long as the derived model remains an information model (as opposed
to a data model), it is not possible to discuss the data model-
specific tools and mechanisms that are available for achieving the
authentication and authorization implicit in a requirement that
restricts read and/or read- write access to these values. Therefore,
these mechanisms will need to be discussed in each of the data models
to which the derived information models are mapped. If there are any
general security requirements that can be identified and can be
applied across multiple types of data models, it would be appropriate
to discuss those at the information model level, rather than the data
model level. In any case, any identified security requirements that
are not dealt with in the information model document, MUST be dealt
with in the derivative data model documents.
We can illustrate these points by extending the example from Section
2. A real-world system that provides QoS Gold Service to John would
likely need to provide at least the following security-related
capabilities and mechanisms (see [12] for definitions of security
related terms):
o Data integrity for the information (e.g., property values and
instantiated relationships) that specify that John gets QoS Gold
Service, from the point(s) that the information is entered into
the system to the point(s) where network components actually
provide that Service.
o Authentication and Authorization methods to ensure that only
system administrators (and not John or other engineers) can
remotely administer components of the system.
Moore, et al. Standards Track [Page 61]