IDEF Functional Model AUTHORIZATION
|This article is under construction and should not be considered complete.
Last modified by Tomjones
Used in the Baseline Functional Requirements v1.0
"Authorization" is defined in the IDEF Functional Model in part as a "Process of granting or denying specific requests for access to resources."
The Functional Model, published as a PDF here: download link, generally sorts core identity management operations into five categories of activities and services, including identity authorization: a full description of this activity type can be found in that document. Among other things, the Functional Model sets forth the following table of functions included within "authorization" in its Functional Elements Descriptions Matrix:
|Authorization Request||Process by which ownership of a credential is conferred, confirmed, or associated with a digital identity.|
|Attribute Control||Process of managing and releasing attributes for the purposes of registration or authorization.|
|Attribute Verification||Process of confirming or denying that claimed attributes are correct and meet the pre-determined requirements for authorization; typically, these attributes for authorization have not been bound to the credential or previously available to the organization making the authorization decision.|
|Authorization Decision||Decision to grant and deny access to a resource based on the results of the authorization processes and policies.|