OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Public Comment

Comment from: ludwig@sics.se

Name: Ludwig Seitz
Title: PhD Researcher
Organization: Security, Policy and Trust Laboratory, SICS, Sweden
Regarding Specification: XACML

Hello all,
I wanted to suggest some points for the XACML standard with the goal of simplifying XACML Policies (by reducing their verboseness).

1. Define a default policy/rule combining algorithm, e.g. "permit-overrides", if the attribute PolicyCombiningAlgId/RuleCombiningAlgId is missing from a PolicySet/Policy tag.

2. Define "string-equal" as default MatchId attribute in SubjectMatch, ResourceMatch and ActionMatch tags.

3. Define "http://www.w3.org/2001/XMLSchema#string"; as default DataType attribute in AttributeValue tags.

4. Define "urn:oasis:names:tc:xacml:1.0:subject:subject-id"/
"urn:oasis:names:tc:xacml:1.0:resource:resource-id"/
"urn:oasis:names:tc:xacml:1.0:action:action-id"
as default values for the AttributeId attribute of
SubjectAttributeDesignator/
ResourceAttributeDesignator/
ActionAttributeDesignator

Regards,

Ludwig Seitz

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]