MHonArc v2.5.0b2 -->
xacml message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: XACML-based web services policy assertion language
Colleagues,
I'm sorry to post twice on this, but apparently some XACML members did
not see the previous message and I was asked to post the information again.
There is a public OASIS discussion list just starting at
Post: dipal-discuss@lists.oasis-open.org
Subscribe: dipal-discuss-subscribe@lists.oasis-open.org
Archives: http://lists.oasis-open.org/archives/dipal-discuss/
on the topic of starting up a new OASIS TC to try to standardize a web
services policy assertion language. Sun has offered a specification
that uses XACML <Apply> elements as a possible starting point for such a
language.
Right now, under the best-known web services policy language frameworks,
each policy Assertion is a new schema element, whose semantics are
completely defined in the specification associated with the Assertion.
This means there can be no standard policy processor that can match two
Assertions or verify inputs against an Assertion; a policy processor
MUST have an Assertion-specific processing module to handle each
Assertion it supports. This makes life very hard for service brokers,
service compositors, service intermediaries, etc., which may need to
match policies between two services, or do some policy verification, but
may not have the Assertion-specific code modules for all the Assertions
in the policies they handle. XACML seems like such a good example of a
standard language for expressing things like "Assertions", that requires
no "domain-specific" modules, and a language like that would allow much
more "domain-independent" processing of policies, greatly increasing
interoperability.
There is more information related to this concept, including slides, a
white paper, and the "XACML-based Web Services Policy Assertion Language
(WS-PolicyConstraints)" specification at
http://research.sun.com/projects/xacml/
I encourage you to subscribe to the list and participate in the
discussion. Just posting "I think this is a great idea" (or not :-)
would be very helpful.
Regards,
Anne
--
Anne H. Anderson Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311 Tel: 781/442-0928
Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]