xacml-comment message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Subject: [xacml-comment] XCAML Spec version 1.0 - Example 2, Rule 1
- From: Jahan Moreh <jmoreh@sigaba.com>
- To: xacml-comment@lists.oasis-open.org
- Date: Wed, 20 Nov 2002 14:09:54 -0800
Section 4.2.3. Rule 1,
line 1027 states that: "A person may read any record for which he or she is the
designated patient".
Section 4.2.4.1., Line
1036 starts the XACML rule instance for rule 1, which I assumed is the rule
expressed in English in line 1027.
Line 1095-1111 (the
condition) defines a condition for matching the policy-number attribute from the
<Subject> with the policy-number in the patient record.
This condition does not
match the English statement (A person may read any record for which he or she is
the designated patient) stated earlier.
Am I missing something
or is this an inconsistency?
Sorry, but I don't have
time to read the entire spec in one shot, so comments may come in
pieces.
Jahan
----------------
Jahan Moreh
Chief Security
Architect
310.286.3070
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Powered by eList eXpress LLC