MHonArc v2.4.5 -->
















xacml message






[Date Prev]
 | [Thread Prev]
 | [Thread Next]
 | [Date Next]

--

[Date Index]
 | [Thread Index]
 | [List Home]








Subject: item "G" alternative: indexing hints




From: "Simon Godik" <simon.godik@overxeer.com>
To: <xacml@lists.oasis-open.org>
Date: Thu, 12 Jun 2003 01:09:50 -0700









Item "G" aims to solve indexing problem by creating 
new element in the rule head.
 
A simple alternative would be to provide indexing 
hints in the Policy element.
We can define IndexingHints element as a child of 
the Policy element.
It would contain a sequence of attribute 
designators for indexing.
 
<xs:complexType 
name="IndexingHintsType">
<xs:sequence minOccurs="0" 
maxOccurs="unbounded">
    <xs:choice>
        
<xs:element ref="xacml:SubjectAttributeDesignator"/>
        
<xs:element ref="xacml:ResourceAttributeDesignator"/>
        
<xs:element ref="xacml:ActionAttributeDesignator"/>
        
<xs:element ref="xacml:EnvironmentAttributeDesignator"/>
    </xs:choice>
</xs:sequence>
</xs:complexType>
 
<Policy ...>
    
<IndexingHints>
        
<SubjectAttributeDesignator AttributeId="group" .../>
        
<ActionAttributeDesignator AttributeId="read" .../>
        <EnvironmentAttributeDesignator 
AttributeId="purpose" .../>
    
</IndexingHints>
</Policy>
 
If rule contains indexable expression on an 
attribute specified in the indexing hints, rule MAY be 
indexed.
Indexing rules is not a MUST, ie if xacml processor 
does not index rules it is still compliant (but not very fast) 
processor.
 
Simon
 





Follow-Ups:

Re: [xacml] item "G" alternative: indexing hints
From: Michiharu Kudoh <KUDO@jp.ibm.com>








[Date Prev]
 | [Thread Prev]
 | [Thread Next]
 | [Date Next]

--

[Date Index]
 | [Thread Index]
 | [List Home]