Re: [xacml] WI#58: standard hierarchy schema

[Anne Anderson <Anne.Anderson@Sun.COM>]

On 28 January, Rebekah Metz writes: Re: [xacml] WI#58: standard hierarchy schema
 > Editorial note:
 > Under the NodeType schema definition, the </xs:sequence> tag was missing.
 >
 > Some questions that come to mind:
 > 
 > If this is the general xacml representation of a hierarchy, what are the
 > benefits of keeping it in a separate namespace rather than including it
 > directly in the xacml namespace?

Shorter schemas to validate against for people who do not use it?

 > Is there any information that should be permitted within the NodeType
 > definition?  For example,  with this representation of hierarchical
 > resources, there is no concept of order within the Nodes that appear as
 > children to another Node.

Is there a standard way to represent ordered nodes?  Or is that
just specified in the accompanying schema use description?

 > Does anything need to be said regarding wildcarding or perhaps regex use
 > within NodeName, if an implementation chooses to do so?

I don't know.  Comments, anyone?

 > Finally, can someone remind me why the RootName needs to be differentiated
 > as a URI from the name of the Node?  I can't seem to find that discussion in
 > my archive.

I don't think there has been any discussion.  I propose using a
URI there because the root is not just a name; it is also a
location - the system on which the hierarchy is located.  The
nodes can just be names once you know how to locate the hierarchy
root.

 > If we keep this hierarchy general, i.e. not referring specifically to file
 > systems or such, I think that including it as an appendix is appropriate.
 > The application of such a schema to a particular problem, such as a web
 > archive, file system, etc could then be presented separately in a profile
 > with examples.

All excellent comments and questions.  This is why I wanted to
get some sort of starting point out on the table.

-Anne
 
 > Regards, 
 > 
 > Rebekah
 > 
 > On 1/28/04 11:40 AM, "Anne Anderson" <Anne.Anderson@Sun.COM> wrote:
 > 
 > > Given the resolution of WI#9 (hierarchical resources), there need
 > > to be standard schemas for certain common hierarchies such as
 > > UFS.
 > > 
 > > Following is an attempt to define one such a schema.  I think it
 > > would be suitable for use with UFS, most other file systems, and
 > > for many other types of hierarchies.  Such a schema could either
 > > be included as an appendix in XACML 2.0, or could be in a
 > > separate profile.  It is so general, however, that I think
 > > inclusion in an XACML 2.0 appendix might be appropriate.
 > > 
 > > <?xml version="1.0" encoding="UTF-8"?>
 > > <xs:schema targetNamespace="urn:oasis:names:tc:xacml:2.0:hierarchy-schema"
 > > xmlns:xs="http://www.w3.org/2001/XMLSchema";
 > > xmlns:hs="urn:oasis:names:tc:xacml:2.0:hierarchy-schema"
 > > elementFormDefault="qualified" attributeFormDefault="unqualified">
 > > <!-- -->
 > > <xs:element name="Hierarchy" type="hs:HierarchyType"/>
 > > <xs:complexType name="HierarchyType">
 > > <xs:sequence>
 > > <xs:element name="RootName" type="xs:anyURI"/>
 > >           <xs:element ref="hs:Node" maxOccurs="unlimited"/>
 > >       </xs:sequence>
 > >   </xs:complexType>
 > >   <!--  -->
 > >   <xs:element name="Node" type="hs:NodeType"/>
 > >   <xs:complexType name="NodeType">
 > >       <xs:sequence>
 > >           <xs:element name="hs:NodeName" type="xs:string"/>
 > >           <xs:element ref="hs:Node" minOccurs="0" maxOccurs="unlimited"/>
 >         </xs:sequence>
 > >   </xs:complexType>
 > > </xs:schema>
 > > 
 > > Text:
 > > 
 > > Where possible, the hierarchy schema defined in
 > > urn:oasis:names:tc:xacml:2.0:hierarchy-schema SHOULD be used for
 > > expressing hierarchical resources in the
 > > urn:oasis:names:tc:xacml:1.0:resource:resource-content Attribute.
 > > For example, this schema allows a web page hierarchy to be
 > > expressed as:
 > > 
 > >  <hs:Hierarchy>
 > >     <hs:RootName>file://research.sun.com</hs:RootName>
 > >     <hs:Node>
 > >        <hs:NodeName>people</hs:NodeName>
 > >     </hs:Node>
 > >     <hs:Node>
 > >        <hs:NodeName>projects</hs:NodeName>
 > >        <hs:Node>
 > >           <hs:NodeName>GCspy</hs:NodeName>
 > >        </hs:Node>
 > >        <hs:Node>
 > >           <hs:NodeName>Barcelona</hs:NodeName>
 > >        </hs:Node>
 > >     </hs:Node>
 > >     <hs:Node>
 > >        <hs:NodeName>features</hs:NodeName>
 > >        <hs:Node>
 > >           <hs:NodeName>jackpot</hs:NodeName>
 > >           <hs:Node>
 > >              <hs:NodeName>specification</hs:NodeName>
 > >           </hs:Node>
 > >           <hs:Node>
 > >              <hs:NodeName>presentation</hs:NodeName>
 > >           </hs:Node>
 > >        </hs:Node>
 > >        <hs:Node>
 > >           <hs:NodeName>4g_wireless</hs:NodeName>
 > >        </hs:Node>
 > >     </hs:Node>
 > >   </hs:Hierarchy>
 > > 
 > > Similarly, this schema can be used for for various types of file
 > > system hierarchies.
 > 

-- 
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692