OASIS eXtensible Access Control Markup Language (XACML) TC

 View Only
  • 1.  Tickets ?

    Posted 05-30-2001 04:51
    Having thought over the XACML issue, and the connected areas, mixed with my
    experience in consulting for implementation of "Profile Based User Rights
    Adminstration Systems", as well as being practical, I jump to some issues:
    
    1. How will XACML information be provided ?
    - Initially (LDAP ?) and for later use (Kerberos tickets ?)
    
    2. If XACML is added as a header to the XML document it is meant to protect,
    this will only work with XACML aware software. E.g Notepad or VI will just
    read the text document, and reveal all of it to the reader.
    
    3. This one is ouch, and I hope that we all will say NO: Should XACML be
    coupled together with encryption of document content ?
    
    JJ