OASIS eXtensible Access Control Markup Language (XACML) TC

[xacml] section 3: examples

  • 1.  [xacml] section 3: examples

    Posted 08-13-2002 20:36
     MHonArc v2.5.2 -->
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    

    xacml message

    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


    Subject: [xacml] section 3: examples


    Examples from section 3.
     
    I made a number of small changes to policy-16f and context 16f
    which I did not publish yet. Those are typo's, unused elements, optional-required attrs, etc.
    One improvement is <PolicyIdReference> and <PolicySetIdReference>
    elements. I will publish my changes.
    So if you'll try to validate examples against 16f it will not work.
     
    I also made small changes to medical record instance in that I assumed there
    is and /primaryCarePhysician/physicianId element. I do not think it is possible to
    match authenticated subject id with name in the document.
     
    A note on examples.
    These examples are motivated by the xml document protection use case.
    Resource model selected is dom, and expression over this model is
    xpath. In previous versions of examples regular expression was used
    to match resource, and xpath expression was used in condition.
    Resource matching function is function:node-match(xpath-req, xpath-rule)
    and it matches if xpath-req node is equal or after xpath-rule node.
    It is possible to select some other resource model and use reg-exp.
     
    Simon Godik
     

    Attachment: example-request-context.xml
    Description: text/xml

    Attachment: example2.xml
    Description: text/xml

    Attachment: example3.xml
    Description: text/xml

    Attachment: example4.xml
    Description: text/xml

    Attachment: example1.xml
    Description: text/xml



    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


    Powered by eList eXpress LLC