OASIS eXtensible Access Control Markup Language (XACML) TC

 View Only
Back to discussions
Expand all | Collapse all

RE: [xacml] Comment on hierarchical Resource

  • 1.  RE: [xacml] Comment on hierarchical Resource

    Posted 06-01-2004 17:55 
     MHonArc v2.5.0b2 -->


















    xacml message
    







    [Date Prev]
 | [Thread Prev]
 | [Thread Next]
 | [Date Next]

--

[Date Index]
 | [Thread Index]
 | [List Home]
    


    







    Subject: RE: [xacml] Comment on hierarchical Resource
    







    



    Michiharu's proposal does not "break the notion of bag of same
typed elements".  He proposed DataType "anyURI" for the reference
to the entire document, and DataType "xpath-expression" for the
reference to the particular portion of the document to be
accessed.  A ResourceAttributeDescriptor must include the
DataType, and so the resulting bag would only contain the
resource-id Attributes of the designated type.

I objected to this aspect of Michiharu's proposal on other
grounds, however: they are referring to two different things.
See my first response in Michiharu's "Comment on hierarchical
Resource" thread for more on this.

Anne

On 1 June, Daniel Engovatov writes: RE: [xacml] Comment on hierarchical Resource
 > From: Daniel Engovatov <dengovatov@bea.com>
 > To: Michiharu Kudoh <KUDO@jp.ibm.com>, XACML TC <xacml@lists.oasis-open.org>
 > Subject: RE: [xacml] Comment on hierarchical Resource
 > Date: Tue, 01 Jun 2004 10:16:06 -0700
 > 
 > 
 > That is exactly the problem with multiple resource-id attributes:  it
 > will break the notion of bag of same typed elements.  Very, very bad
 > idea in my opinion.  Does not fit well with everything else.
 > 
 > 
 > 
 > >As I wrote in my previous email, I would prefer to specify two
 > resource-id
 > >attribute with different data types in one request context in the case
 > of
 > >XML document. For example, if the user accesses of BoD element
 > >(/md:record/md:patient/md:BoD) of XML document of
 > >http://medico.com/medicalrec/Bert, the request context would have the
 > >following two resource-id attributes:
 > 
 > >resource-id of http://medico.com/medicalrec/Bert with datatype anyURI
 > (optional)
 > >resource-id of /md:record/md:patient/md:BoD with datatype
 > xpath-expression
 > 
 > 
 > 
 > To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/xacml/members/leave_workgroup.php.
 > 

-- 
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692


    





    







    


    [Date Prev]
 | [Thread Prev]
 | [Thread Next]
 | [Date Next]

--

[Date Index]
 | [Thread Index]
 | [List Home]


Related Content