Privilege Management Infrastructure
A Privilege Management Infrastructure ( PMI ) solves the problem of authorization to access resources in computer networks .
A PMI consists of the following elements:
- Privilege auditor
- The privilege checker checks usage claims of privilege users.
- Privilege users
- The privilege user wants to use a certain resource and raises the usage claim based on a certificate issued by an attribute authority.
- Attribute Authority (AA)
- The Attribute Authority is authorized to assign rights with regard to the use of a specific resource.
- resource
- Service or infrastructure that the privilege user wants to use and whose accesses are controlled by the privilege checker.
A PMI can, for example, be created on the basis of X.509 . Usually attribute certificates are used.