标准摘要
[中文适用范围]: 本文件定义并建立了访问管理 (AM) 框架以及访问信息和信息通信技术 (ICT) 资源的过程的安全管理,并与某些情况下主体的责任相关。本文件提供了适用于网络环境中分布式访问管理技术的概念、术语和定义。本文件还提供了有关相关架构、组件和管理功能的说明。访问管理中涉及的主体可以唯一地识别为访问信息系统,如 ISO/IEC 24760 系列中所定义。访问管理系统中涉及的物理访问控制的性质和质量超出了本文件的讨论范围。 [外文原描述]: This document defines and establishes a framework for access management (AM) and the secure management of the process to access information and information and communications technologies (ICT) resources, associated with the accountability of a subject within some contexts. This document provides concepts, terms and definitions applicable to distributed access management techniques in network environments. This document also provides explanations about related architecture, components and management functions. The subjects involved in access management can be uniquely recognized to access information systems, as defined in the ISO/IEC 24760 series. The nature and qualities of physical access control involved in access management systems are outside the scope of this document.
英文名称Information technology - Security techniques - A framework for access management