An information security process where
information is encrypted and can only be accessed by owners of the corresponding decryption key.
All communication and long term persistence of private content,
resources should be encrypted,
and keys managed the accordingly. See also
type that defines responsibility, accountability, access
policies, and tracking between
The process of
by constraining access of subject resources over object resources,
in real-time, on every access, with
to ensure that: users are given access only to all resources that they are entitled to, for any given context.
Entitlement is expressed, modeled, and managed as a resource
type, that defines access rights, roles, and policies between resources.
Entitlement is at the root of distributedvirtualprofileapplications,
because of the important associated security considerations.
Entitlement is a fundamental information and
knowledge sharing enabler, combining
with resource management to offer secure information sharing and access.
Run-time entitlement is provided and enforced by the
DNAOS Reference Monitor.
As knowledge naturally maps to
as consequently resources are everything,
and as tradition (e.g. databases, UML) and logic typically differentiate entities and
entities are resources that are not relations (e.g. that do not also define relations between other resources).
Unfortunately, [ISO TC97/SC5/WG3 TR 9007 (1982)] defines entity as "any concrete or abstract thing of interest, including
associations between things.",
breaking with common usage, tradition, and logic, especially as beings, for example, are not typically referred to as things,
but commonly as resources.
Entity is also sometime used as a
party or owner resources, which we will also avoid,
to try to limit confusion, especially as party and owner already describes those resources.
A sequence of
Calculating the value of resources.
The assessment of resources against defined criteria.
Events are actionresources that
Event complexity can vary considerably, from simple signals to rich