Subject: [xacml] Minutes of Feb 25 policy model subcommittee concall
Hi,
below are the minutes. Sorry for the delay; I've been swamped Tue and Wed.
I had promised the note mentioned in the minutes by today; I'm a bit
behind. Will send it out by the weekend definitely.
best
-p
===============================================================
MINUTES OF THE POLICY MODEL SUBCOMMITTEE (MONDAY, FEB. 25 2002)
===============================================================
PRESENT
* Carlisle Adams (Entrust)
* Anne Anderson (Sun)
* Hal Lockhart
* Pilz Gilbert
* Fred Moses
* Ernesto Damiani (Unimi)
* Simon Godik
* Pierangela Samarati (Unimi)
* Tim Moses (Entrust)
* Michiharu Kudoh (IBM)
* Sekhar Vajjhala
---------------------------------------------------------------
We continued going over Tim's document v.0.9, pointing out aspects
that needed discussion.
* Page 10, examples. Simon draws attention to the resource, where the
matching rule for the resource refers to the request. Simon proposes
that the resource be written in a request-independent manner. The
point that Simon makes is that while in SAML the resource is just a
string, XACML should suggest a structure.
Hal comments that while it is good to retain a simplified structure,
we should not be tied to SAML as a specific way of expressing
requests. In other words, we need to be compatible with SAML, but
should not be tied to it. Carlisle replies that we actually have
that in the charter. Hal says we should be compliant, but we should
ask SAML to define a more sophisticated request.
Simon says that the SAML way of expressing resources as a string is
limited. For instance, what is the resource in the case of XML
documents? How do I go fine-grained?
Ernesto comments that we should not have a sophisticated resource
encoding if SAML does not support it. This can be a parallel effort
to influence the next version of SAML.
****** ACTION: round of email to see what others in the XACML list
think. (Simon champion)
Again on the examples, Simon comments that the attribute reference
should be tied to the object. It's a question of tight coupling or
loose coupling of the policy with the request. (This issue will be
discussed in relationship with the one above.)
* [page 11, lines 420..422] arithmetic operators. The issue was
discussed at the F2F, where Sekhar said he would look at
it. Sekhar reports that he could not complete it. Hal comments that
we will need black box functions. For instance, matching a subject
requestor to something in a record requires some sort of
private functions: no set of simple operators that we can define
will be good enough. Ernesto, while agreeing on this, comments
that it would be useful to have at least the simplest arithmetic
operators be part of the language.
******ACTION: Ernesto, Simon, Tim to look at arithmetic operators
and report to us.
* Anne says that it would be good if we had one or two examples of
SAML authorization decision queries. For instance, one that should
be answered with a permit and one with a deny. They would provide
more concreteness in the discussion.
******ACTION: Tim to add the examples
* Figure 1. Anne points out that changes are needed. Since the figure
should reflect the model (which is now under discussion), it is agreed to
postpone this to when the model is finished.
* Follows a discussion on the format and semantics of
- rules
- policies
- metapolicies
One of the major points in the discussion was the current proposal in
the document that a policy could be a boolean expression of rules.
Pierangela points out that the semantics of such a boolean expression
seems not to be clear, and while boolean expressions (or rather AND
and OR) seem to be needed for combining policies, they seem not to
be needed for combining rules within an elementary policy.
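To make the semantic question above concrete, here is an added Python sketch (not part of the minutes, not from Tim's document or any XACML draft). It assumes, as its own convention, that a rule is a target predicate over the request plus an effect, that a rule whose target does not match yields a third outcome "NotApplicable", and that a deny-wins resolution is one possible way to combine such three-valued outcomes. The rules, requests and decision names are all constructed for the example.

```python
"""Why 'policy = boolean expression of rules' is underspecified (added example).

Assumptions (this example's own, not from the minutes): a rule has a target
predicate and an effect; a rule whose target does not match the request is
NotApplicable rather than true or false; the deny-wins combination below is
just one candidate resolution, chosen here for illustration.
"""
from dataclasses import dataclass
from typing import Callable, Optional

PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"


@dataclass(frozen=True)
class Rule:
    name: str
    target: Callable[[dict], bool]  # does this rule apply to the request at all?
    effect: str                     # PERMIT or DENY, used only when it applies


def evaluate_rule(rule: Rule, request: dict) -> str:
    """A rule yields its effect when its target matches, else NotApplicable."""
    return rule.effect if rule.target(request) else NOT_APPLICABLE


def boolean_and(rules: list, request: dict) -> Optional[str]:
    """Naive two-valued reading of 'policy = AND of rules'.

    Permit is read as True and Deny as False.  A NotApplicable rule has no
    truth value, so the expression is undefined and None is returned: this is
    the gap in semantics the discussion points at.
    """
    truth_values = []
    for rule in rules:
        decision = evaluate_rule(rule, request)
        if decision == NOT_APPLICABLE:
            return None  # two-valued AND cannot absorb a non-applicable rule
        truth_values.append(decision == PERMIT)
    return PERMIT if all(truth_values) else DENY


def combine_deny_wins(rules: list, request: dict) -> str:
    """Three-valued combination (assumed convention): NotApplicable rules are
    ignored, any Deny wins, otherwise Permit if some rule permitted,
    and NotApplicable if no rule applied to the request."""
    decisions = [evaluate_rule(rule, request) for rule in rules]
    if DENY in decisions:
        return DENY
    if PERMIT in decisions:
        return PERMIT
    return NOT_APPLICABLE


# Constructed rules: one permits reads for anyone, one denies contractors
# on the records subtree.  Both can apply to the same request.
RULES = [
    Rule("anyone-may-read",
         lambda q: q["action"] == "read", PERMIT),
    Rule("contractors-denied-on-records",
         lambda q: q["role"] == "contractor" and q["resource"].startswith("/records/"),
         DENY),
]

# Constructed requests (attribute bags standing in for an authorization query).
REQ_EMPLOYEE_READ = {"role": "employee", "action": "read", "resource": "/records/42"}
REQ_CONTRACTOR_READ = {"role": "contractor", "action": "read", "resource": "/records/42"}
REQ_GUEST_WRITE = {"role": "guest", "action": "write", "resource": "/public/index"}


if __name__ == "__main__":
    for label, req in [("employee read", REQ_EMPLOYEE_READ),
                       ("contractor read", REQ_CONTRACTOR_READ),
                       ("guest write", REQ_GUEST_WRITE)]:
        print(f"{label:16s} boolean AND -> {boolean_and(RULES, req)!s:14s} "
              f"deny-wins -> {combine_deny_wins(RULES, req)}")
```

Running it shows the three cases side by side: when every rule applies (contractor read) the two readings agree on Deny; when one rule does not apply (employee read) the boolean reading is undefined while the three-valued one still returns Permit; when no rule applies (guest write) only the three-valued reading has an answer. The point is not that deny-wins is right, but that any boolean combination of rules needs a stated treatment of rules that do not apply.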
****** ACTION: Pierangela to send out a document summarizing
possible solution/s taking into account discussion on
policies of last concalls as well as msg exchange.