Object space management

Security Verify Access represents resources to be protected with a virtual representation of the object space called the protected object space.

An object space consists of resource objects and container objects. Resource objects are logical representations of resources to be protected. Use Container objects to group resource objects and other container objects hierarchically into logical groups or regions. Grouping similar objects makes it easier to administer a consistent security policy.

Security policy is applied by attaching access control list (ACL) policies, protected object policies (POPs), and authorization rules to the objects in the object space. These objects represent the physical resources we want to protect. The ISAM authorization service evaluates user credentials and the conditions specified in the security policy. Then, Security Verify Access determines whether to permit or deny access to resources. The following object spaces are created during the installation of ISAM products:

• The /Management object space during the installation of any Security Verify Access product, if it does not exist
• The /WebSEAL object space during the installation of ISAM

In the following sections, instructions are provided for using either Web Portal Manager or pdadmin, or both. For online help while usingWeb Portal Manager, click the question mark to open a separate help window for the current page. There are no equivalent pdadmin commands for importing, exporting, and copying object spaces.

• Create an object space
  
• List object spaces
  
• Copy an object space with Web Portal Manager
  
• Import object spaces with Web Portal Manager
  
• Export object spaces with Web Portal Manager
  
• Delete an object space
  

Parent topic: Verify Access Platform and Supporting Components administration