[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xacml] Fundamental concepts in XACML
For our "background" section, I thought it would be helpful for us to identify the fundamental concepts and mechanisms used in XACML. We can then identify the earlier work that developed those concepts and mechanisms. Here is a starter list: -Describing access request in terms of: Subject -> Action -> Resource/Object -Request including attributes of Subject and Resource/Object -Policy based on attributes of Subject and Resource/Object o Attribute-based rules o Identity-based rules -Rule based access control -Access control language -Boolean operations on access rules -Obligations as part of rules Any others? Any refinements to this list? John Erickson, in e-mail to the Rights Language TC, listed some early references to work on policies attached to resources. We can make use of his list for some items, I'm sure. http://lists.oasis-open.org/archives/rights/200206/msg00029.html Anne -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC