As yet another example protocols out there already, CORBA will ship any
XML based credentials using the CORBA CSIv2 (Common Secure Interoperabilty
Version 2) and ATLAS (Authorizatoin Token Layer Acquisiion Service)
standards. These are CORBA based protocols for trasnporting authorization
tokens for secure distributed object requests.
Cheers
-Polar
On Thu, 24 May 2001, ernesto damiani wrote:
> I agree, especially when you say that we do not need to reinvent the wheel..
> Having worked a lot on XML query languages in the last couple of years (I
> even was at the first W3C workshop on this subject ;-), interested people
> may take a look at http://xerox.elet.polimi.it) my personal opinion is that
> XQuery gives you a lot of expressive power.. and, at least for now, lots of
> trouble we do not need.
> There is a standard, robust, well-understood mechanism to refer to portions
> of XML data, and it is XPath (BTW, as you know most of the academic
> proposals towards access control languages for XML, including our own,
> exploit this mechanism for identifying objects).
> XSLT is based on XPath, and it seems very reasonable XSLT/XPath to be used
> to extract and process parts of an XACML policies' repository.
> Needless to say I do NOT think we should get involved with any lower level
> issue such as serialization etc.: our XACML info may travel inside a HTTP
> packet, be stored on disk as a XML text file or serialized using any other
> mechanism.
> Comments welcome...
>
> ernesto
>
>