In early Private Branch Exchange (PBX) development, an administrator controlled all aspects of security and access control. Over the last few decades, the PBX model of only allowing administrative control has started to change. Today, control of certain PBX features has been extended to telephones, gateways, data networks, feature servers, and other equipment. When control of these features becomes more distributed, the question arises as to what elements can be trusted. Instead of having a single trusted administrator that controls every feature, now there may be many different elements that have the ability to administer security and access control for various features. The current approach has been to consider whether each element can be trusted with full administrative privileges. In many cases, granting full administrative privileges to all aspects of a communication feature may not be acceptable. In addition, with the distributed architecture, it may be difficult to easily add administrative access for new elements that may request access to the PBX features without making software modifications.
To develop a common authorization service, standards, such as Open Standard Authorization (OAuth) provides a common framework that allows a user to control access to applications. However, OAuth does not address a corporate environment where further access control is desired, such as administrative control.