This website uses cookies to ensure you get the best experience on our website.
Learn more
OK
Skip main navigation (Press Enter).
Log in
Toggle navigation
Search Options
Log in
Workspace Home
Communities
My Communities
All Communities
Member Home (Admin)
OASIS eXtensible Access Control Markup Language (XACML) TC
×
Community Home
Discussion
10.6K
Meetings
2
Members
53
View Only
Back to discussions
Expand all
|
Collapse all
sort by most recent
sort by thread
Break the Glass policies
David Chadwick
12-12-2009 23:45
I have just returned from ACSAC in Hawaii where I presented a paper on the BTG-RBAC model. BTG is equivalent ...
Rich Levinson
12-14-2009 06:41
Hi David, At the RSA 2008 Interop, we demonstrated an "emergency override" capability that I believe ...
Dilli Arumugam
12-14-2009 07:08
David, If I undesrstand you right, you want PEP to know at the end of first call that access is allowed ...
David Chadwick
12-15-2009 21:04
Hi Dilli Dilli Dorai wrote: > David, > If I undesrstand you right, you want PEP to know at ...
David Chadwick
12-15-2009 20:36
Hi Rich I knew about the RSA Interop but could not find details of the way BTG was actually implemented. ...
Rich Levinson
12-15-2009 23:53
Hi David, Are you aware that there is inappropriate content being attached to your emails as they ...
Ludwig Seitz
12-14-2009 07:52
Hi David, you might want to look at this: http://portal.acm.org/citation.cfm?id=1263871 I think it ...
Martin Smith
12-14-2009 14:23
David, all -- In looking at access policies based on formal policy authorities (like laws and frederal ...
David Chadwick
12-15-2009 21:38
Hi Martin at the NIST PMI conference in September the DoD had a similar concept of overriding access ...
Martin Smith
12-16-2009 00:41
David -- Agree with your considerations. FWIW, I was visualizing this from the ujser interaction ...
David Chadwick
12-17-2009 09:42
Hi Martin Smith, Martin wrote: > David -- Agree with your considerations. FWIW, I was visualizing ...
Martin Smith
12-17-2009 18:08
David -- I have not delved in obligations, so I can't make any meaningful comment. The list of ...
Erik Rissanen
12-19-2009 11:19
Martin, David, All I have not understood all the specifics in this discussion, but I think the ...
Rich Levinson
12-21-2009 03:24
Hi Erik, I found your email to be a very interesting and instructive analysis. I am still not ...
Dilli Arumugam
12-21-2009 05:11
Agree with Rich. State would be maintained in ldap directory or an rdbms or things like that ...
Erik Rissanen
12-21-2009 08:44
Hi Dilli and Rich, Yes, I intended that state is not put at the PDP. It's part of the PIP ...
David Chadwick
12-21-2009 23:45
Hi Dilli the problem is that the amount of state information could be huge, with different ...
David Chadwick
12-21-2009 23:42
Hi Erik I agree it would be good to work on stateful policies for XACMLv4. We have been building ...
Robin Cover
12-14-2009 14:45
On Mon, 14 Dec 2009, Ludwig Seitz wrote: > Hi David, > > you might want to look at this: > ...
David Chadwick
12-15-2009 21:29
David Chadwick
12-15-2009 20:57
Hi Ludwig yes I am aware of Babak and Erick's paper. But this is an extremely complex way of achieving ...
Seth Proctor
12-14-2009 14:02
FYI, the way I have implemented this in the past is by hitting a point in the policy evaluation where ...
David Chadwick
12-15-2009 21:18
Hi Seth this is an interesting approach and one I had not considered before. But I think it still ...
Seth Proctor
12-16-2009 02:25
Hi David. You raise some interesting points, but respectfully I have to disagree with you. > ...
Martin Smith
12-16-2009 03:29
Seems to me the general (and typical) case is that a policy may call for more info than is provided ...
David Chadwick
12-17-2009 09:42
Hi Seth I guess we will just have to disagree on your point about the semantics of the actual return ...
Seth Proctor
12-17-2009 13:33
Hi David. I'm not sure where the disconnect is here, but let me try one more time.. > The real ...
David Chadwick
12-22-2009 00:02
Hi Seth I think the real disconnect was highlighted by Martin. I am wanting to remove as much ...
1.
Break the Glass policies