In order to have consistent names for services referenced in use cases, this document defines qualification syntax comprised of three terms.
This syntax is intended to provide a detailed context of which deployment a service is running in and which resources it is providing (access to).
The three terms are:
Deployment Type – Qualifies the actor‘s domain of operation (i.e. the deployment entity where they perform their role or function).
Organizational Type – Further qualifies the actor by the organization within their deployment entity
Resource Type – Further Qualifies the actor by the resources they have been entitled to interact with.
The general syntax for creating a name for a service is as follows:
Deployment Type | Organizational Type | Resource Type
The section presented above titled “Actor Name Construction” includes diagrams that show the logical derivation (inheritance) for each of these qualification terms. The naming or qualification of services is approached in the same way as in naming an actor; however, a service does not require a “role” qualification.
Note: The syntax described here for naming services also provides guidance for naming system resources and sets of services that define systems within use cases.
Use Case Overview
This section contains an overview of the use cases provided by the use cases presented in the next section along with identity and deployment classification information.
1.7Use Case Listing and Description of Goals
The following table provides an overview of the use cases presented in this document.
Entitlements or permissions of a subject during an access decision check can be obtained from a repository or service.
Attribute and Provider Reliability Indexes
The policy author is able to define a policy that allows for the real-time assessment of the reliability of an attribute provider or the individual reliability for any attribute it provides. This allows for varying levels of access control policy to be applied dependent on the value of the reliability index retrieved for the provider and/or its attributes. When reliability is low, the policy author defines more approval/controls and less access for the same decision matrix, applied to the same set of identity attributes. This should allow for better decisions to be made.
“Reliability Index” will help providers and consumers define, model and understand an integrity rating for a given attribute, set of attributes or attribute provider having the goal of creating meaningful access policies, policies that reflect the dependencies, reliability and overall risks inherent in the authorization system as a whole.
For authorization decisions that depend on the information belonging to other domains, which cannot be directly accessed due to privacy issues instead of recovering the required information, the authorization decision is delegated to the areas which could handle it, and the results of such delegated decisions are combined to form an appropriate decision.
Administrate distributed access control policies
Allow subsidiaries to implement their own policies where applicable but use a set of common policies for all (or a sub-set) of subsidiaries.
Cloud Authorization services perform access control decision on sensitive data. There is a need to log and audit the output and details of the authorization decision performed to trace the relevant events happened in the system.
Risk based access control systems
Cloud Authorization services may determine access based on a computation of security risk and operational need, not just proper comparison of attributes. In other words, for each Risk Level and kind of resource, a set of specific counter-measures to protect the resource has to be triggered. Moreover, this risk level could vary during the time, so they should adapt to different situation.
The administrator of authorization systems usually specifies the access privileges by defining access control policies. Administrative policies are necessary to control the administrators/special-users who modify the access control policies. This is especially relevant in scenarios where administrator could define policies outside its domain, for instance in distributed systems.
Cloud Authorization Service may provide administration capabilities to the Cloud Users so they could define certain delegation policies that want to temporary delegate some of access rights to another Cloud User, without directly involving the policies Administrator.
To be able to assure tenants’ compliance and security government access control policies need to be created, consistently managed and enforced. The authorization decisions may need to be governed or managed by geographical locations to enforce regional and national compliance policies.