OASIS eXtensible Access Control Markup Language (XACML) TC

The minutes of the last telecon stated "John Tolbert.. [suggested that BTG] may be more appropriately referred to as Risk Adaptive Access Control." I do not agree with this for the following reasons 1. Risk adaptive access control has mechanisms to both override grants and turn them into denies (when the risk is high) and override denies and turn them into grants (when the risk is low). 2. Risk adaptive access control relies on intelligent machine components to make the risk decisions and decide whether to reverse the PDP's decision. BTG has neither of the above. 3. BTG only allows a deny to be turned into a grant 4. BTG relies on the intelligent authorised user to make the BTG override decision at the time of access Regards David ***************************************************************** David W. Chadwick, BSc PhD Professor of Information Systems Security School of Computing, University of Kent, Canterbury, CT2 7NF Skype Name: davidwchadwick Tel: +44 1227 82 3221 Fax +44 1227 762 811 Mobile: +44 77 96 44 7184 Email: D.W.Chadwick@kent.ac.uk Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is 0xBC238DE5 *****************************************************************

I think John was attempting to classify BTG as a special case of something more generic. I agree with this line of investigation (though not necessarily with his suggestion that it is an instance of RAAC). David's proposal looks like a very particular solution to what might be a more general problem, and if that is true we would arrive at a better standard by analyzing a range of related use cases to abstract the essential elements into a general case. Regards, --Paul >
Original Message----- > From: David Chadwick [ mailto:d.w.chadwick@kent.ac.uk ] > Sent: Friday, February 11, 2011 13:26 > To: xacml > Subject: [xacml] Risk adaptive vs BTG > > The minutes of the last telecon stated "John Tolbert.. [suggested that > BTG] may be more appropriately referred to as Risk Adaptive Access > Control." > > I do not agree with this for the following reasons > > 1. Risk adaptive access control has mechanisms to both override grants > and turn them into denies (when the risk is high) and override denies > and turn them into grants (when the risk is low). > > 2. Risk adaptive access control relies on intelligent machine > components > to make the risk decisions and decide whether to reverse the PDP's > decision. > > BTG has neither of the above. > > 3. BTG only allows a deny to be turned into a grant > 4. BTG relies on the intelligent authorised user to make the BTG > override decision at the time of access > > Regards > > David > > > ***************************************************************** > David W. Chadwick, BSc PhD > Professor of Information Systems Security > School of Computing, University of Kent, Canterbury, CT2 7NF > Skype Name: davidwchadwick > Tel: +44 1227 82 3221 > Fax +44 1227 762 811 > Mobile: +44 77 96 44 7184 > Email: D.W.Chadwick@kent.ac.uk > Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html > Research Web site: > http://www.cs.kent.ac.uk/research/groups/iss/index.html > Entrust key validation string: MLJ9-DU5T-HV8J > PGP Key ID is 0xBC238DE5 > > ***************************************************************** > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php

I think Paul has expressed my intent better than I did. I do see BTG as a specific instance of a more general category of use cases (perhaps not unlike the XSPA demo I saw at OASIS IdM last fall). David, I do like the second formulation of BTG (using obligations) better. I suppose I would suggest a broader discussion of how the TC would like to address this category of work over the long term.
Original Message----- From: Tyson, Paul H [ mailto:PTyson@bellhelicopter.textron.com ] Sent: Friday, February 11, 2011 11:48 AM To: xacml Subject: RE: [xacml] Risk adaptive vs BTG I think John was attempting to classify BTG as a special case of something more generic. I agree with this line of investigation (though not necessarily with his suggestion that it is an instance of RAAC). David's proposal looks like a very particular solution to what might be a more general problem, and if that is true we would arrive at a better standard by analyzing a range of related use cases to abstract the essential elements into a general case. Regards, --Paul >
Original Message----- > From: David Chadwick [ mailto:d.w.chadwick@kent.ac.uk ] > Sent: Friday, February 11, 2011 13:26 > To: xacml > Subject: [xacml] Risk adaptive vs BTG > > The minutes of the last telecon stated "John Tolbert.. [suggested that > BTG] may be more appropriately referred to as Risk Adaptive Access > Control." > > I do not agree with this for the following reasons > > 1. Risk adaptive access control has mechanisms to both override grants > and turn them into denies (when the risk is high) and override denies > and turn them into grants (when the risk is low). > > 2. Risk adaptive access control relies on intelligent machine > components to make the risk decisions and decide whether to reverse > the PDP's decision. > > BTG has neither of the above. > > 3. BTG only allows a deny to be turned into a grant 4. BTG relies on > the intelligent authorised user to make the BTG override decision at > the time of access > > Regards > > David > > > ***************************************************************** > David W. Chadwick, BSc PhD > Professor of Information Systems Security School of Computing, > University of Kent, Canterbury, CT2 7NF Skype Name: davidwchadwick > Tel: +44 1227 82 3221 > Fax +44 1227 762 811 > Mobile: +44 77 96 44 7184 > Email: D.W.Chadwick@kent.ac.uk > Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html > Research Web site: > http://www.cs.kent.ac.uk/research/groups/iss/index.html > Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is 0xBC238DE5 > > ***************************************************************** > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php