| 摘要 |
In general, techniques are described for translating authorization information within computer networks. For example, a first network device of a computer network may receive authentication information from an endpoint device requesting access to the computer network. The first network device authenticates the endpoint device based on this authentication information and stores authorization information in accordance with a first vendor-specific authorization data model. The first network device stores and applies an export translation policy to translate this information from the vendor-specific data model to a vendor-neutral authorization data model, which it then publishes to an intermediate storage device that implements the vendor-neutral data model. A second network device of the computer network may store an import translation policy to translate this same authorization information from the vendor-neutral authorization data model to a different vendor-specific data model. In this manner, the techniques facilitate translation of authorization information within computer networks. |
