[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Concrete Proposal of ConditionReference (#7)
This is a concrete proposal on new work item #7: Condition Reference.
The proposal is based on the generic variable reference approach by Polar.
Any comments are welcome.
- The following example describes an outline of the new policy statement
using <VariableDef> and <VariableRef> elements.
<Policy>
<VariableDef VariableId="var1">
... a variable definition ...
</VariableDef>
<VariableDef VariableId="var2">
... a variable definition ...
</VariableDef>
<Rule Effect = "Permit">
<Target> ... target 1
<VariableRef VariableId="var1"/>
</Rule>
<Rule Effect = "Permit">
<Target>... target 2
<Condition FunctionId= "string-equal">
<VariableRef VariableId="var1"/>
<VariableRef VariableId="var2"/>
</Condition>
</Rule>
</Policy>
- I made several modifications on the current XACML policy schema.
Modifications are:
+ Create VariableDef element definition
+ Create VariableDef reference below PolicyType
+ Create VariableRef definition
+ Create VariableRef reference in ApplyCoreType
+ Modify Condition and ApplyType definition
- Sample XACML policy and the modified policy schema definition.
(the policy is valid against the new schema)
(See attached file: draft-xacml-schema-policy-v2-1.xsd)(See attached file:
XACMLPolicyRule1.xml)
Best,
Michiharu
draft-xacml-schema-policy-v2-1.xsd
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]