APPENDIX I
(to Recommendation Z.331)

User-system access control administration

I.1 General

This appendix has been developed in accordance with the methodology defined in Recommendations Z.332 and Z.333.

The main part of this appendix deals with the model of User-System Access Control Administration. A glossary of the terms used is also included.

The list of functions to be controlled and the list of jobs are contained in Annex A.

For each function to be controlled by means of MML, one or more functions can be derived and each of them can be described using the metalanguage defined in Recommendation Z.333 in order to detail the relevant information structure.

Annex B contains a list of MML functions and information structure diagrams associated with each of them to be used as guidelines.

I.2 Introduction

User-system access control (hereinafter access control) is provided within a system to restrict the input allowed to be entered in order to prevent unauthorized system modification and/or viewing of information.

Access control is the system function which performs the control of the access to systems and their functions by the users.

Access control administration is defined as the administration of the access rights of the users.

This Recommendation mainly covers human beings as users.

Machine-to-machine access control administration is not covered by this appendix.

It is therefore recognized that this appendix will require further study within a wider scenario including the various aspects of access control (man-machine, machine-machine, etc.).

I.3 Access control model

I.3.1 Introduction

Access criteria are defined to be the attributes that characterize the access to the system.

Permissions are defined to be the rights granted to the user.

Authority is defined to be the relationship between the access criteria and the permissions.

The inputs submitted are accepted by the system, provided that the system has verified the authority to enter them.

I.3.2 Model

The main attributes (see Figure I-1/Z.331) which have been adopted to identify access criteria and permissions are the following (other attributes of the two categories can be adopted depending on the administration's needs):

a) for access criteria
   - user identity
   - terminal identity
   - time interval

b) for permissions
   - command class
   - command parameters
   - system identity
   - time interval

Some of the attributes listed above may not be implemented according to administration requirements.

In order to facilitate access control administration, groups may be formed in terms of single access control attributes (e.g. a group of user identities can form a maintenance group).

An example of implementation is represented in Figure I-2/Z.331.

                                            Authority

            Access criteria                      |                     Permissions
User      Terminal    Time                       | System    Command                Command
identity  identity    interval                   | identity  class                  parameters
--------  ----------  -------------------------  | --------  ---------------------  ---------------------------
User 1    Terminal 1  Any                        | Any       Any                    Any
User 1    Terminal 2  8-17h Monday through       | System 1  Subscrib. Administr.   Direct numb. 81000 82000
                      Friday                     |
User 2    Terminal 3  20-8h                      | System 1  Junction maintenance   Junction identity 1A23 1800
User 3    Any         8-17h                      | System 2  Subscrib. maintenance  Direct numb. 73000 87000
Any       Terminal 4  8-17h                      | Any       Subscrib. administr.

FIGURE I-2/Z.331
Example of application

I.3.3 Attributes of access control

In the following, the meaning of the main attributes which are likely to be used in the access control administration is described.

a) User identity
   The user identity results from the identification procedure (see Recommendation Z.317) and uniquely identifies the user to the system.
   In the identification procedure usually the identity of the individual user is used.

b) Terminal identity
   The terminal identity is the identity of the I/O device as known to the system, via its hardware or logical connection.

c) Time interval
   The access control may depend on the time when the input is entered and/or executed.

d) Command class
   A command class can be either a single command code (see Recommendation Z.315) or an identifiable set of command codes.

e) System identity
   System identity is the identity of the system or an application in which the command is allowed to be performed. In a centralized support system, individual systems connected to it may have their own access control. Alternatively, centralized control may be used based on the identity of the system addressed.

f) Command parameters
   Access control may depend on a parameter (see Recommendation Z.315) or a combination of parameters.
   The control may be based on either the parameter name or the parameter name and its values.
   If a parameter is considered, it may be desirable to limit such use to major objects in the system relevant to specific O&M Administration needs.

I.4 Glossary of terms

Access criteria
   The set of attributes that characterize the access to the system. Example attributes are user identity and terminal identity.

Permissions
   The rights granted to the user.

Authority
   The relationship between access criteria and permissions.

Terminal identity
   Identifies a physical terminal, a channel or a port to an SPC system.

I.5 List of functions and jobs

I.5.1 List of system independent Class B functions

I.5.1.1 Administering authority

I.5.1.2 Retrieving authority information

I.5.2 List of jobs

I.5.2.1 To create/change authority

- the purpose of the job is to create/change a specific authority by means of managing the relevant attributes;
- the system is supposed to record the data and check their correctness;
- the operator is supposed to input all needed data;
- the complexity of the job may be high depending on the amount of the data to be input;
- the frequency of the job is low.

I.5.2.2 To delete a specific authority

- the purpose of the job is to delete all the data related to the specific authority;
- the system is supposed to delete the data related to the authority;
- the operator is supposed to input the identity of the authority to be deleted;
- the complexity of the job is low;
- the frequency of the job is low.

I.5.2.3 To interrogate the authority information

- the purpose of the job is to retrieve authority information;
- the system is supposed to output the requested information on the selected device;
- the operator is supposed to input the identity of the access control attributes;
- the complexity of the job is low;
- the frequency of the job is low.

I.5.2.4 To activate/deactivate an authority

- the purpose of the job is to activate/deactivate a
  specific authority previously created/changed; this job may be implied in the creation/changing job;
- the system is supposed to activate/deactivate the authority;
- the operator is supposed to input the date and the time for the activation/deactivation and the identity of the authority;
- the complexity of the job may be medium;
- the frequency of the job is low.

I.6 Guidelines for the list of MML Functions and associated information structure diagrams

I.6.1 Introduction

This section contains guidelines for the list of MML functions and associated structure diagrams related to the access control administration model defined in section 3 of this Recommendation.

I.6.2 List of MML functions

This list contains possible MML functions for the Access Control Administration.

This list is neither mandatory nor complete; it may vary according to administration needs, telecommunication network levels, regulatory needs, etc.

I.6.2.1 Creation
- create authority

I.6.2.2 Changing
- change authority

I.6.2.3 Deletion
- delete authority

I.6.2.4 Interrogation
- interrogate authority

I.6.2.5 Activation/deactivation
- activate/deactivate authority

I.6.3 Information structure diagrams

(to be developed)
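
The access control model of I.3 can be checked mechanically: an input is accepted only when some authority relates its access criteria to the requested permissions. The following is an added example, not part of the Recommendation, that encodes the rows of Figure I-2/Z.331 as constructed sample data. It assumes the time intervals read as hour ranges with an exclusive end hour, that the time is the time the input is entered, and it omits command parameters; all names in it are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import FrozenSet, Optional, Tuple

ANY = None                      # wildcard: attribute not restricted ("Any" in the figure)
WORKDAYS = frozenset(range(5))  # Monday (0) through Friday (4)

@dataclass(frozen=True)
class Authority:
    user: Optional[str]                 # access criteria
    terminal: Optional[str]
    hours: Optional[Tuple[int, int]]    # (start, end) hour; assumed end-exclusive
    weekdays: Optional[FrozenSet[int]]
    system: Optional[str]               # permissions
    command_class: Optional[str]

def in_hours(hours, hour):
    if hours is ANY:
        return True
    start, end = hours
    if start <= end:
        return start <= hour < end
    return hour >= start or hour < end  # interval wraps midnight, e.g. 20-8h

def match(rule_value, value):
    return rule_value is ANY or rule_value == value

def is_authorized(authorities, user, terminal, when: datetime, system, command_class):
    """Default deny: accept the input only if one authority covers every attribute."""
    for a in authorities:
        if (match(a.user, user) and match(a.terminal, terminal)
                and in_hours(a.hours, when.hour)
                and (a.weekdays is ANY or when.weekday() in a.weekdays)
                and match(a.system, system)
                and match(a.command_class, command_class)):
            return True
    return False

# Constructed from the five rows of Figure I-2/Z.331 (command parameters omitted).
FIGURE_I2 = [
    Authority("User 1", "Terminal 1", ANY, ANY, ANY, ANY),
    Authority("User 1", "Terminal 2", (8, 17), WORKDAYS, "System 1", "Subscrib. Administr."),
    Authority("User 2", "Terminal 3", (20, 8), ANY, "System 1", "Junction maintenance"),
    Authority("User 3", ANY, (8, 17), ANY, "System 2", "Subscrib. maintenance"),
    Authority(ANY, "Terminal 4", (8, 17), ANY, ANY, "Subscrib. administr."),
]
```

An input that matches no row is rejected, so removing an authority (job I.5.2.2) withdraws access without any explicit deny rule.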