The process by which a privilege given to one party can be transferred to another party either for an indeterminate or definite period of time.
Published in Chapter:
An Overview of Privilege Management Infrastructure (PMI)
Darren P. Mundy (University of Hull, UK) and Oleksandr Otenko (Oracle Corporation, UK)
Copyright: © 2009
|Pages: 6
DOI: 10.4018/978-1-60566-014-1.ch153
Abstract
Public key infrastructures (PKI) are now in place in a number of organizations and there is a vast amount of material available that can be used to obtain familiarisation with the concept (Adams & Lloyd, 2002; Raina, 2003). Although related to PKI, privilege management infrastructure (PMI) is a more recent development in the network security field. PMI has been designed to supply the authorization function lacking in the PKI model. This article will provide an overview of PMI, will provide a number of examples of present PMI architectures, such as PERMIS (Chadwick, Zhao, Otenko, Laborde, Su, & Nguyen, 2006), AKENTI (Thompson, Essari, & Mudumbai, 2003), and Shibboleth (Carmody, 2001), and will provide some examples of practical PMI usage.