OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Subject: Re: [xacml] RE: policy model, part 1



Sekhar,

How is "nil" represented for "nillable".

-Polar

On Thu, 21 Feb 2002, Sekhar Vajjhala - Sun Microsystems wrote:

> Hi Carlisle,
>
> > Carlisle Adams wrote:
> >
> > Hi Polar,
> >
> >      ----------
> >      From:   Polar Humenn[SMTP:polar@syr.edu]
> >      Sent:   Thursday, February 21, 2002 4:17 PM
> >      To:     Carlisle Adams
> >      Cc:     'xacml@lists.oasis-open.org'
> >      Subject:        Re: [xacml] RE: policy model, part 1
> >
> >      On Tue, 19 Feb 2002, Carlisle Adams wrote:
> >
> >      > A RuleStatement contains the following items.
> >      >   - a RuleCore, which is a triple ("subject", "action", "resource"),
> >      > although one or two of the components may be missing (meaning "any").
> >
> >      I would still like to see place holders for that information, such as
> >      <AnySubject/>, <AnyAction/>, <AnyResource/>, so that it is explicit in
> >      what it means. You can lock in the positions in the syntax as well, which
> >      might lead to easier processing.
> >
> >
> > This is fine, although the syntax is probably a little bit uglier (e.g., the <subjects> element now needs to be a choice of PredicateExpressionType and <AnySubject/>, rather than simply a PredicateExpressionType that may have zero predicates (minOccurs="0")).
> >
> > But I can live with either.
>
> The nillable feature provided by XML Schema bears investigation.
> XML Schema allows elements to be made nillable
>
> So in the XACML schema we could say:
>
> <xs:element name="subjects" type="xacml:PredicateExpressionType" nillable=true" />
>
> Then the following XACML policy instance fragment would be considered valid
>
> <subjects xsi:nil = "true"></subjects>
>
> (xsi is the XMLSchema-instance namespace)
>
> So basically, the interpretation is that a nil subject is
> AnySubject. Would this interpretation work ?
>
> If so, then nillable needs to be investigated further to see if
> there are any reasons why we may not use it. But that is a work item
> when the focus shifts to XML syntax.
>
> >
> > Carlisle.
>
> --
> Sekhar
>



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]


Powered by eList eXpress LLC