The process of assigning digital rights to users which can then be used in conjunction with an access control system to obtain access to some resource; the management infrastructure covers, for example, the allocation, renewal, and revocation of users rights.
Published in Chapter:
An Overview of Privilege Management Infrastructure (PMI)
Darren P. Mundy (University of Hull, UK) and Oleksandr Otenko (Oracle Corporation, UK)
Copyright: © 2009
|Pages: 6
DOI: 10.4018/978-1-60566-014-1.ch153
Abstract
Public key infrastructures (PKI) are now in place in a number of organizations and there is a vast amount of material available that can be used to obtain familiarisation with the concept (Adams & Lloyd, 2002; Raina, 2003). Although related to PKI, privilege management infrastructure (PMI) is a more recent development in the network security field. PMI has been designed to supply the authorization function lacking in the PKI model. This article will provide an overview of PMI, will provide a number of examples of present PMI architectures, such as PERMIS (Chadwick, Zhao, Otenko, Laborde, Su, & Nguyen, 2006), AKENTI (Thompson, Essari, & Mudumbai, 2003), and Shibboleth (Carmody, 2001), and will provide some examples of practical PMI usage.