OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml-users] Database schema for storing XACML policies

I thought about storing XACML schema in Db  and gave up the idea. It
didn't make a sense in my project. So, I had two things:

1. stored entire policy in TEXT type of field, such as CLOB
2. some policies were generated from DB tables. i had a table with
start and end time columns, then the policy was generated using these
two columns

thanks,
argyn

On 6/15/06, dhirendra sharma <dhirendra_sh@yahoo.com> wrote:
>   Hi All,
>
>
>     Can someone share their database schema for
> storing XACML policies ?
>
>     We are planning to store the XACML policies in
> Oracle 9i database.
>     Write a DatabasePolicyModule and based on Subject,
> Resource,Action and optionally Environment from the
> incoming Request
>     build a database SQL query and find out all the
> applicable policies.
>
>
>
>
>     I have defined a simple table called - POLICY with
> columns as follows :
>         ---------------------------------------
>             TARGET_ID    VARCHAR2(20),
>             SUBJECT      VARCHAR2(1000),
>             RESOURCE_ID  VARCHAR2(1000),
>             ACTION       VARCHAR2(1000),
>             POLICY       VARCHAR2(4000)
>         ---------------------------------------
>
>     Using values of subject, resource and action from
> the request input, I build a SQL query and find out
> matching policies.
>
>     I have following 2 questions.
>
>     1). Is above table and column idea good design for
> policy storage perspective or i am missing something ?
>
>     2). Where should add this call to the database for
> find applicable policies in the code ?
>
>     Thanks,
>     Dhirendra Sharma
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
> ---------------------------------------------------------------------
> This publicly archived list supports open discussion on using the
> XACML OASIS Standard. To minimize spam in the archives, you
> must subscribe before posting.
>
> [Un]Subscribe/change address: http://www.oasis-open.org/mlmanage/
> Alternately, using email: list-[un]subscribe@lists.oasis-open.org
> List archives: http://lists.oasis-open.org/archives/xacml-users/
> Committee homepage: http://www.oasis-open.org/committees/xacml/
> List Guidelines: http://www.oasis-open.org/maillists/guidelines.php
> Join OASIS: http://www.oasis-open.org/join/
>
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]