[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xacml] Article Link: Widespread adoption seen for XACML specs
From XML Report for Wednesday, February 26, 2003 http://www.adtmag.com/article.asp?id=7353
Widespread adoption seen for XACML specs By Rich Seeley
Within a year, developers can expect to see widespread adoption of the Extensible Access Control Markup Language (XACML), the newly ratified OASIS information access standard for Internet applications, XML experts say.
XACML gives developers information access controls for Web services applications, said Brad Brown, chairman and chief architect of TUSC (http://www.tusc.com), an Oracle consulting company based in Lombard, Ill. He likened the new standard to access controls that have been deployed for decades on mainframe systems.
"Access control is something that's been around for a while dating back to the early DEC days with file systems," Brown said. Until the advent of XACML, there was no easy way to set privileges for things such as read and update for Web services and other applications operating via the Internet, he added.
"This technology provides that for this world," Brown said. "It gives you additional security privileges that historically you haven't had. You could certainly build it into your Web application, but people would have to go out and manually build that stuff."
Ron Schmelzer, senior analyst at ZapThink LLC (http://www.zapthink.com), a Waltham, Mass.-based firm specializing in XML technologies, agreed with Brown that XACML would appear in major vendors' Web servers within six months. The analyst estimated that it would have widespread implementation in Web services applications by the end of this year or early 2004.
Noting that it was complementary to Security Assertion Markup Language (SAML) from OASIS, Schmelzer said XACML would make it easier for end users to work with Web services applications. Operating similar to single sign-on, once a user's access privileges are set, they can then work uniformly with all of the services across the Internet that are incorporated into a Web services application, he said.
For the rest of the story, please go to http://www.adtmag.com/article.asp?id=7353
Ken Yagen Engineering Manager Application Security Infrastructure BEA Systems, Inc.
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC