OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: RE: [xacml] [batch #2] counter proposal to 3-04

Just for the illustration purpose, I scanned briefly the current version
of OCL -- v1.4 (http://www.omg.org/cgi-bin/doc?formal/01-09-77) and
tried to create an OCL equivalent of the psudo code accompanying the
proposed resolution for PM-1-01-A
(http://lists.oasis-open.org/archives/xacml/200203/msg00093.html). This
is what I got:

GLOBAL DENY RULE COMBINER in an ad hoc Java-like language:
------------------------------------------
for <rule> in <ruleSet>
{
	boolean atLeastOnePermit = false;
	effect = eval(<rule>);
	if (effect == "deny" || effect == "indeterminate")
	{
		return "deny";
	}
	else if (effect == "permit")
	{
		atLeastOnePermit = true;
	}
}
if (atLeastOnePermit)
{
	return "permit";
}
else
{
	return "not applicable";
}
-----------------------------------

GLOBAL DENY RULE COMBINER in OCL
-----------------------------
package XACML
 context GlobalDenyRuleCombiner::combine(rules : RuleSet) : Effect
 post:
  if ruleSet.rule->exists(effect = Effect::deny or effect =
Effect::indeterminate)
  then
    result = Effect::deny
  else
    if ruleSet.rule->exists(effect = Effect::permit)
    then
      result = Effect::permit
    else
      result = Effect::notapplicable
    endif
  endif
endpackage
------------------------------
I'm sure there are some errors in my example. But this is just to give
everybody else some idea about OCL. However, an OCL checker
(http://www.klasse.nl/ocl/ocl-checker-text.html) that checks syntax
exists and can be used for XACML work, I believe. Plus software vendors
provide some support as well.

Unless there are any strong objections I propose to resolve issue
PM-3-04 (Pseudo Code for Combiner Algorithms) with the following text:

Proposed Resolution: 
Object Constraint Language (OCL) v1.4, as specified in [OMG
formal/01-09-77], should be used to describe any mandatory-to-implement
combiner algorithms.

Regards
Konstantin

-----Original Message-----
From: bill parducci [mailto:bill@parducci.net]
Sent: Monday, April 08, 2002 10:35 AM
To: xacml
Subject: RE: [xacml] [batch #2] counter proposal to 3-04


OCL is a great idea. good call.

b

On Mon, 2002-04-08 at 06:59, Beznosov, Konstantin wrote:
> I tend to agree with Bill's point that the language should not be
> vendor-specific. This is especially important if we want this standard
> be ever supported across the industry. 
> 
> However, I'm not sure how much we can leverage a specific programming
> language without getting trapped into the problem of providing
> compilable code. Isn't it better to use some formal, such as  Z or
OCL,
> language for such things? See
> http://www.doc.ic.ac.uk/~rej99/suprema/examples_main.htm for an
example.
> 




----------------------------------------------------------------
To subscribe or unsubscribe from this elist use the subscription
manager: <http://lists.oasis-open.org/ob/adm.pl>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC