OASIS eXtensible Access Control Markup Language (XACML) TC

  • 1.  Policy language presentation

    Posted 08-25-2011 21:41
    TC and Andrea,

    I had to leave today's meeting after an hour so did not hear the last of the presentation or subsequent discussion. I was reminded of a paper that Andrea and the TC might find interesting (if you have not already seen it):

    Barker, Steve. "The Next 700 Access Control Models or a Unifying Meta-Model?" SACMAT'09, June 3-5, 2009, Stresa, Italy. http://portal.acm.org/citation.cfm?id=1542238

    The author is not friendly to XACML:

    "A sceptical reader might also argue that a general language for access control policy specification has already been described in the access control literature: XACML [20]. However, in our view, it is essential to define a general access control language in terms of a well-defined access control model with a sound formal semantics (rather than developing ad hoc access control languages with hopelessly inadequate formal semantics, as is the case with XACML). In addition to its unsatisfactory formal underpinnings, XACML is not based on a well defined conceptual model of access control. Attempts to retrofit aspects of access control models (via profiles) have not been satisfactory."

    Regards,
    --Paul


  • 2.  Re: [xacml] Policy language presentation

    Posted 08-27-2011 00:44
    This is a criticism that could be applied broadly to XML "standards." Seems everyone invents a little programming language of his own (with yet another metadata vocab.) Where to begin to clean this profusion??

    Martin