Implementation of a network security policy

Controlling user and group participation in the domain and applying rules to resources that require protection determine the security policy for a domain. These rules are defined by access control lists (ACLs), protected object policies (POPs), and authorization rules.

The authorization service enforces these policies by matching the credentials of a user with the permissions in the policy assigned to the requested resource. The resulting recommendation is passed to the resource manager, which completes the response to the original request.