Skip to content

Class: Authorization

The Authorization Result object provides details about the authorization

outcome and associated policies related to activity.

URI: ocsf:Authorization

 classDiagram
    class Authorization
    click Authorization href "../Authorization/"
      Object <|-- Authorization
        click Object href "../Object/"

      Authorization : decision

      Authorization : policy





        Authorization --> "0..1" Policy : policy
        click Policy href "../Policy/"

Inheritance

Slots

Name Cardinality and Range Description Inheritance
decision 0..1 recommended
String		 Authorization Result/outcome, e direct
policy 0..1
Policy		 Details about the Identity/Access management policies that are applicable direct

Usages

used by used in type used
Actor authorizations range Authorization
SecurityControlProfile authorizations range Authorization
BaseEvent authorizations range Authorization
ApplicationEvent authorizations range Authorization
ApiActivity authorizations range Authorization
ApplicationError authorizations range Authorization
ApplicationLifecycle authorizations range Authorization
DatastoreActivity authorizations range Authorization
FileHosting authorizations range Authorization
ScanActivity authorizations range Authorization
WebResourceAccessActivity authorizations range Authorization
WebResourcesActivity authorizations range Authorization
DiscoveryEvent authorizations range Authorization
AdminGroupQuery authorizations range Authorization
CloudResourcesInventoryInfo authorizations range Authorization
ConfigState authorizations range Authorization
DeviceConfigStateChange authorizations range Authorization
DiscoveryResult authorizations range Authorization
EvidenceInfo authorizations range Authorization
FileQuery authorizations range Authorization
FolderQuery authorizations range Authorization
InventoryInfo authorizations range Authorization
JobQuery authorizations range Authorization
KernelObjectQuery authorizations range Authorization
ModuleQuery authorizations range Authorization
NetworkConnectionQuery authorizations range Authorization
NetworksQuery authorizations range Authorization
OsintInventoryInfo authorizations range Authorization
PatchState authorizations range Authorization
PeripheralDeviceQuery authorizations range Authorization
ProcessQuery authorizations range Authorization
ServiceQuery authorizations range Authorization
SessionQuery authorizations range Authorization
SoftwareInfo authorizations range Authorization
StartupItemQuery authorizations range Authorization
UserInventory authorizations range Authorization
UserQuery authorizations range Authorization
ApplicationSecurityPostureFinding authorizations range Authorization
ComplianceFinding authorizations range Authorization
DataSecurityFinding authorizations range Authorization
DetectionFinding authorizations range Authorization
Finding authorizations range Authorization
IamAnalysisFinding authorizations range Authorization
IncidentFinding authorizations range Authorization
SecurityFinding authorizations range Authorization
VulnerabilityFinding authorizations range Authorization
IamEvent authorizations range Authorization
AccountChange authorizations range Authorization
Authentication authorizations range Authorization
AuthorizeSession authorizations range Authorization
EntityManagement authorizations range Authorization
GroupManagement authorizations range Authorization
UserAccess authorizations range Authorization
NetworkEvent authorizations range Authorization
DhcpActivity authorizations range Authorization
DnsActivity authorizations range Authorization
EmailActivity authorizations range Authorization
EmailFileActivity authorizations range Authorization
EmailUrlActivity authorizations range Authorization
FtpActivity authorizations range Authorization
HttpActivity authorizations range Authorization
NetworkActivity authorizations range Authorization
NetworkFileActivity authorizations range Authorization
NtpActivity authorizations range Authorization
RdpActivity authorizations range Authorization
SmbActivity authorizations range Authorization
SshActivity authorizations range Authorization
TunnelActivity authorizations range Authorization
FileRemediationActivity authorizations range Authorization
NetworkRemediationActivity authorizations range Authorization
ProcessRemediationActivity authorizations range Authorization
RemediationActivity authorizations range Authorization
SystemEvent authorizations range Authorization
EventLogActvity authorizations range Authorization
FileActivity authorizations range Authorization
KernelActivity authorizations range Authorization
KernelExtensionActivity authorizations range Authorization
MemoryActivity authorizations range Authorization
ModuleActivity authorizations range Authorization
PeripheralActivity authorizations range Authorization
ProcessActivity authorizations range Authorization
ScheduledJobActivity authorizations range Authorization
ScriptActivity authorizations range Authorization
UnmannedSystemsEvent authorizations range Authorization
AirborneBroadcastActivity authorizations range Authorization
DroneFlightsActivity authorizations range Authorization
PrefetchQuery authorizations range Authorization
RegistryKeyActivity authorizations range Authorization
RegistryKeyQuery authorizations range Authorization
RegistryValueActivity authorizations range Authorization
RegistryValueQuery authorizations range Authorization
WindowsResourceActivity authorizations range Authorization
WindowsServiceActivity authorizations range Authorization

In Subsets

Aliases

  • Authorization Result

Identifier and Mapping Information

Schema Source

Mappings

Mapping Type Mapped Value
self ocsf:Authorization
native ocsf:Authorization

LinkML Source

Direct

name: Authorization
description: 'The Authorization Result object provides details about the authorization

  outcome and associated policies related to activity.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Authorization Result
is_a: Object
slots:
- decision
- policy
slot_usage:
  decision:
    name: decision
    description: Authorization Result/outcome, e.g. allowed, denied.
    recommended: true
  policy:
    name: policy
    description: Details about the Identity/Access management policies that are applicable.

Induced

name: Authorization
description: 'The Authorization Result object provides details about the authorization

  outcome and associated policies related to activity.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Authorization Result
is_a: Object
slot_usage:
  decision:
    name: decision
    description: Authorization Result/outcome, e.g. allowed, denied.
    recommended: true
  policy:
    name: policy
    description: Details about the Identity/Access management policies that are applicable.
attributes:
  decision:
    name: decision
    description: Authorization Result/outcome, e.g. allowed, denied.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Authorization Decision/Outcome
    rank: 1000
    alias: decision
    owner: Authorization
    domain_of:
    - Authorization
    range: string
    recommended: true
  policy:
    name: policy
    description: Details about the Identity/Access management policies that are applicable.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Policy
    rank: 1000
    alias: policy
    owner: Authorization
    domain_of:
    - PermissionAnalysisResult
    - AdditionalRestriction
    - Assessment
    - Authorization
    - DataClassification
    - DataSecurity
    - ManagedEntity
    - SecurityControlProfile
    - ScanActivity
    - AccountChange
    range: Policy