2.3.2 Dependencies on Other Systems/Components

The authorization system depends on the following components and protocols:

  • The DAC model depends on the following components on the server computer:

    • Local Security Authority (LSA) database for the user privileges and policies

    • SAM database for the local user groups

  • In addition to the components of the DAC model mentioned previously, the CBAC model depends on the following components:

    • The client implementation of the Group Policy: Central Access Policies Protocol [MS-GPCAP] to retrieve the central access policies (CAPs) and file classification rules

    • Lightweight Directory Access Protocol (LDAP) client components to retrieve the claim definitions

    • The server implementation of the Central Access Policy Identifier (ID) Retrieval Protocol [MS-CAPR] to provide the Admin interface, which enables the administrator to enforces the policies on file resources

  • The AzMan RBAC model depends on the following components:

    • LDAP

    • File access (CIFS)

    • SQL Server protocol components to retrieve the policies from the Group Policy server, depending on the type of policy server

  • In addition to the dependencies mentioned under DAC model, the COM+ role access control model depends on the following components:

    • Components that are related to the implementation of the Component Object Model Plus (COM+) Remote Administration Protocol [MS-COMA]