[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [xacml] RE: policy model, part 1
Sekhar, How is "nil" represented for "nillable". -Polar On Thu, 21 Feb 2002, Sekhar Vajjhala - Sun Microsystems wrote: > Hi Carlisle, > > > Carlisle Adams wrote: > > > > Hi Polar, > > > > ---------- > > From: Polar Humenn[SMTP:polar@syr.edu] > > Sent: Thursday, February 21, 2002 4:17 PM > > To: Carlisle Adams > > Cc: 'xacml@lists.oasis-open.org' > > Subject: Re: [xacml] RE: policy model, part 1 > > > > On Tue, 19 Feb 2002, Carlisle Adams wrote: > > > > > A RuleStatement contains the following items. > > > - a RuleCore, which is a triple ("subject", "action", "resource"), > > > although one or two of the components may be missing (meaning "any"). > > > > I would still like to see place holders for that information, such as > > <AnySubject/>, <AnyAction/>, <AnyResource/>, so that it is explicit in > > what it means. You can lock in the positions in the syntax as well, which > > might lead to easier processing. > > > > > > This is fine, although the syntax is probably a little bit uglier (e.g., the <subjects> element now needs to be a choice of PredicateExpressionType and <AnySubject/>, rather than simply a PredicateExpressionType that may have zero predicates (minOccurs="0")). > > > > But I can live with either. > > The nillable feature provided by XML Schema bears investigation. > XML Schema allows elements to be made nillable > > So in the XACML schema we could say: > > <xs:element name="subjects" type="xacml:PredicateExpressionType" nillable=true" /> > > Then the following XACML policy instance fragment would be considered valid > > <subjects xsi:nil = "true"></subjects> > > (xsi is the XMLSchema-instance namespace) > > So basically, the interpretation is that a nil subject is > AnySubject. Would this interpretation work ? > > If so, then nillable needs to be investigated further to see if > there are any reasons why we may not use it. But that is a work item > when the focus shifts to XML syntax. > > > > > Carlisle. > > -- > Sekhar >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC