Terminology – HP Identity Driven Manager Software Series User Manual
Welcome to Identity Driven Manager
Terminology
Access Policy Group: An IDM access policy group consists of one or more rules that govern the login times, devices, quality of service, bandwidth, and VLANs for users assigned to the access policy group.
Access Profile: An IDM access profile sets the VLAN, quality of service, and bandwidth (rate-limits) applied when a user logs in and is authenticated on the network.
Authentication: The process of proving the user’s identity. In networks this involves the use of usernames and passwords, network cards (smartcards, token cards, and so forth), and a device’s MAC address to determine who and/or what the “user” is.
Authentication Server: Authentication servers are responsible for granting or denying access to the network. Also referred to as RADIUS servers because most current authentication servers implement the RADIUS protocol.
Authorization: The process that determines what an authenticated user can do. It establishes what network resources the user is, or is not, permitted to use.
Bandwidth: Amount of network resources available. Generally used to define the amount of network resources a specific user can consume at any given time. Also referred to as rate-limiting.
Client: An end-node device such as a management station, workstation, or mobile PC attempting to access the network. Clients are linked to the switch through a point-to-point LAN link, either wired or wireless.
Directory Name: Directory Name (DN) is an identifier that uniquely represents an object in the X.500 Directory Information Tree (DIT) [X501]. (See: domain name.) A DN is a set of attribute values that identify the path leading from the base of the DIT to the object that is named. An X.509 public-key certificate or CRL contains a DN that identifies its issuer, and an X.509 attribute certificate contains a DN or other form of name that identifies its subject.
Domain: A domain is a group of computers and devices on a network that are administered as a unit with common rules and procedures. Within the Internet, domains are defined by the IP address. All devices sharing a common part of the IP address are said to be in the same domain.
Edge Device: A network device (switch or wireless access point) that connects the user to the rest of the network. The edge devices can be engaged in the process of granting user access and assigning a user’s access rights and restrictions.