OASIS eXtensible Access Control Markup Language (XACML) TC

[xacml] Information element in the policy schema

  • 1.  [xacml] Information element in the policy schema

    Posted 07-30-2002 04:10
     MHonArc v2.5.2 -->
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    

    xacml message

    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


    Subject: [xacml] Information element in the policy schema


    I have a suggestion about the inclusion of <Information> element in the
    policy. When you extend the core algorithm by using a local algorithm, that
    algorithm may need to refer to some local information (e.g. precedence of
    the rule, specified in the policy) for making decision. But I think there
    is no place to specify such local information in the current policy schema.
    There is a <Description> element but I think it should be used for English
    text. So I would like to add <Information> element below <Rule>,
    <Obligation>, <PolicyStatement>,  and <PolicySetStatement>. I am OK with
    other name if it has the similar meaning. For your information, new schema
    fragments are:
    
    <xs:element name="Information" type="xacml:InformationType"/>
    
    <xs:complexType name="InformationType">
          <xs:sequence>
                <xs:any namespace="##any" processContents="lax" minOccurs="0"
    maxOccurs="unbounded"/>
          </xs:sequence>
          <xs:anyAttribute namespace="##any" processContents="lax"/>
    </xs:complexType>
    
    <xs:complexType name="RuleType">
          <xs:sequence>
                <xs:element name="Description" type="xs:string" minOccurs="0"/>
                <xs:element ref="xacml:Information" minOccurs="0"/>
                <xs:element name="Target" type="xacml:TargetType" minOccurs
    ="0"/>
                <xs:element name="Condition" type="xacml:ConditionType"
    minOccurs="0"/>
          </xs:sequence>
          <xs:attribute name="RuleId" type="xs:anyURI" use="required"/>
          <xs:attribute name="Effect" type="xacml:EffectType" use="required"/>
    </xs:complexType>
    
    <xs:complexType name="ObligationType">
          <xs:element ref="xacml:Information" minOccurs="0"/>
          <xs:choice maxOccurs="unbounded">
                <xs:element ref="xacml:AttributeDesignator"/>
                <xs:element name="AttributeAssignment" type
    ="xacml:AttributeAssignmentType"/>
          </xs:choice>
          <xs:attribute name="ObligationId" type="xs:anyURI" use="required"/>
          <xs:attribute name="FulfilOn" type="xacml:EffectType" use
    ="required"/>
    </xs:complexType>
    
    <xs:complexType name="PolicySetStatementType">
          <xs:complexContent>
                <xs:extension base="saml:StatementAbstractType">
                      <xs:sequence>
                            <xs:element name="Description" type="xs:string"
    minOccurs="0"/>
                            <xs:element ref="xacml:Information" minOccurs="0"/>
                            <xs:element name="Target" type="xacml:TargetType"/>
                            <xs:element name="PolicySet" type
    ="xacml:PolicySetType" maxOccurs="unbounded"/>
                            <xs:element name="Obligations" type
    ="xacml:ObligationsType" minOccurs="0"/>
                      </xs:sequence>
                      <xs:attribute name="PolicySetId" type="xs:anyURI" use
    ="required"/>
                      <xs:attribute name="PolicyCombiningAlgId" type
    ="xs:anyURI" use="required"/>
                </xs:extension>
          </xs:complexContent>
    </xs:complexType>
    
    <xs:complexType name="PolicyStatementType">
          <xs:complexContent>
                <xs:extension base="saml:StatementAbstractType">
                      <xs:sequence>
                            <xs:element name="Description" type="xs:string"
    minOccurs="0"/>
                            <xs:element ref="xacml:Information" minOccurs="0"/>
                            <xs:element name="Target" type="xacml:TargetType"/>
                            <xs:element name="RuleSet" type="xacml:RuleSetType"
    maxOccurs="unbounded"/>
                            <xs:element name="Obligations" type
    ="xacml:ObligationsType" minOccurs="0"/>
                      </xs:sequence>
                      <xs:attribute name="PolicyId" type="xs:anyURI" use
    ="required"/>
                      <xs:attribute name="RuleCombiningAlgId" type="xs:anyURI"
    use="required"/>
                </xs:extension>
          </xs:complexContent>
    </xs:complexType>
    
    Michiharu Kudo
    
    IBM Tokyo Research Laboratory, Internet Technology
    Tel. +81 (46) 215-4642   Fax +81 (46) 273-7428
    
    
    
    
    


    [Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


    Powered by eList eXpress LLC