Gilbert,
Good point. SAML is likely using "object" to mean the same thing as our
"target." This is because SAML is assuming a (Subject X Object X Resource X
Action)
space [1]. If we were to use the same space, we could use "object."
On the other hand, when we get closer to "target specification,"
we would know exactly whether "target" is the same as "object."
E.g., XACML might specify a "target" can have a "Role."
In SAML, now only "Subject" has a "Role."
In brief, XACML "target" has the potential not to mean the same as "object"
in SAML, and because of that we can use the term "target" without
conflict with SAML specs. Sound right?
[1]
http://www.oasis-open.org/committees/security/docs/draft-sstc-saml-spec-00.P
DF
-Suresh