Product of TC
XACML TC will define a core XML schema for representing
entitlement policies, also called XACML
Policy Target
The target of a policy (hereafter referred to as "subject") can be any
object that can be referenced in XML.
Protocols and bindings
XACML TC will define new protocols or identify bindings
to existing protocols (e.g., XPath, CORBA CSIv2) intended as means of
accessing and communicating the policies
> Jens Jakob Andersen;:
> How will XACML map to existing accepted standards (Kerberos, SAF, LDAP etc
?)
>
Scope
XACML is expected to address fine grained control of
authorized activities, the effect of characteristics of
the access requestor, the authorization protocol over
which the request is made, authorization based on classes
of activities, and content introspection (i.e. authorization
based on both the requestor and potentially attribute
values within the subject where the values of
the attributes may not be known to the policy writer)
Extensibility
XACML core schema is extensible for as yet unknown features
Interoperability
XACML TC will define interoperability of XACML core schema
with other standards
Simon Blackwell
Suresh Damodaran
Fred Moses
------------------------------------------------------------------
To unsubscribe from this elist send a message with the single word
"unsubscribe" in the body to: xacml-request@lists.oasis-open.org