Access Control Model (II)

• Basic ACI Attribute ldapACI

  • stores the AC information:
    • OID
    • scope (entry/ subtree)
    • rights (grant / deny)
      • grant; <permissions> <Attribute>
      • permissions: a, d, r, s, w, c, e, b
      • Attribute: “collection”, [“all”], [“entry”]
    • dnType (“accessid” / “group” / “role”, ...)
    • subjectDN (DN / “public” / “this”)

Previous slide

Next slide

Back to first slide

View graphic version