Profile

Agenda: Erik presents real-world policies John update on attribute profiles David Button on use cases for BTG BTG (continued) Real-world policies Erik presents example policies taken from Swedish eHealth record sharing service Deny-overrides of - Policy: valid care relation (does requestor have care ...

Hi Ray, As discussed during the last call, I think the answer to your question is yes, if I correctly understand authorization-based access control (ZBAC) correctly as follows. A user from domain A wants to access a resource hosted in domain B. In classical attribute-based access control (ABAC), domain ...

Hi Paul, > >>> 1. A suggestion for writing the SAML profile: instead of specifying the >>> evaluation of AttributePredicate with reference to a hypothetical XACML >>> policy evaluation, maybe you could just refer to section 7.4 of the >>> XACML spec for how to evaluate expressions. >> I guess we could, ...

On Mon, 2011-04-04 at 15:26 +0200, Gregory Neven wrote: > Hi Paul, > > Thanks for your comments, responses are in-line. > > > 1. A suggestion for writing the SAML profile: instead of specifying the > > evaluation of AttributePredicate with reference to a hypothetical XACML > > policy evaluation, maybe ...