
Subject: AttributeSelectors to select element names, attribute values


Colleagues,

I want to place requirements on a P3P XML privacy policy statement using 
XACML, and I need help formulating the correct XPath expressions.  P3P 
often uses element names, rather than text node values, to indicate 
various policy choices.  In other cases, P3P uses XML attribute values.
I'm not sure of the correct XPath syntax to use to select element
names and attribute values as values for my AttributeSelector bag.

The following is part of an example taken from the P3P 1.0 specification 
and illustrates these.

<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
  <POLICY name="forBrowsers"
      discuri="http://www.catalog.example.com/PrivacyPracticeBrowsing.html"
      xml:lang="en">
   <ACCESS><nonident/></ACCESS>
   <DISPUTES-GROUP>
    <DISPUTES resolution-type="independent"
      service="http://www.PrivacySeal.example.org"
      short-description="PrivacySeal.example.org">
     <IMG src="http://www.PrivacySeal.example.org/Logo.gif"
          alt="PrivacySeal's logo"/>
     <REMEDIES><correct/></REMEDIES>
    </DISPUTES>
   </DISPUTES-GROUP>
   <STATEMENT>
    <PURPOSE><admin/><develop/></PURPOSE>
    <RECIPIENT><ours/></RECIPIENT>
    <RETENTION><stated-purpose/></RETENTION>
   </STATEMENT>
  </POLICY>
</POLICIES>

Notice the <DISPUTES> element includes several XML attributes that 
describe the dispute resolution service: it is "independent", and 
the web page of the "service" is "http://www.PrivacySeal.example.org". 
The <REMEDIES> element includes a <correct> element to indicate that a 
supported remedy, if the policy is violated, is to "correct" the 
violation.  Similarly the <PURPOSE> element contains the elements 
<admin> and <develop> to indicate that private data may be collected for 
administrative or R&D purposes.

1. If I want to say that the <correct> element must be one of the 
dispute REMEDIES available, can I use the following XACML expression?

     <xacml:Apply
         FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
       <xacml:Apply
           FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag">
         <xacml:AttributeValue
             DataType="http://www.w3.org/2001/XMLSchema#string">correct</xacml:AttributeValue>
       </xacml:Apply>
       <xacml:AttributeSelector
           DataType="http://www.w3.org/2001/XMLSchema#string"
           RequestContextPath="/POLICIES xmlms="http://www.w3.org/2002/01/P3Pv1"
/POLICY/DISPUTES/REMEDIES/*" />
     </xacml:Apply>

2. If I want to say that the disputes resolution-type XML attribute must 
always be "independent", can I use the following XACML expression?

     <xacml:Apply
         FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
       <xacml:Apply
           FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
         <xacml:AttributeSelector
             DataType="http://www.w3.org/2001/XMLSchema#string"
             RequestContextPath=
    "/POLICIES xmlms="http://www.w3.org/2002/01/P3Pv1"
/POLICY/DISPUTES-GROUP/DISPUTES[@resolution-type]"/>
       </xacml:Apply>
       <xacml:AttributeValue
           DataType="http://www.w3.org/2001/XMLSchema#string">independent</xacml:AttributeValue>
     </xacml:Apply>

Regards,
Anne
-- 
Anne H. Anderson, Sun Microsystems Laboratories
1 Network Drive,UBUR02-311, Burlington, MA 01803-0902 USA
Tel: 781/442-0928  Fax: 781/442-0399
Email: Anne.Anderson@Sun.COM until mid-August 2007
Email: Anne.Anderson@alum.swarthmore.edu after mid-August 2007
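
An added example, not part of the original message: it runs the two kinds of selection the message asks about (element names and attribute values) over a trimmed copy of the quoted P3P policy, using Python's standard-library ElementTree as a stand-in for an XPath evaluator. The helper names are hypothetical, the XACML request context is not modelled, and `string_subset` / `one_and_only` only imitate the XACML functions named in the message.

```python
import xml.etree.ElementTree as ET

# Constructed sample: trimmed from the P3P policy quoted in the message.
P3P_NS = "http://www.w3.org/2002/01/P3Pv1"
DOC = """<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
 <POLICY name="forBrowsers">
  <DISPUTES-GROUP>
   <DISPUTES resolution-type="independent"
     service="http://www.PrivacySeal.example.org">
    <REMEDIES><correct/></REMEDIES>
   </DISPUTES>
  </DISPUTES-GROUP>
  <STATEMENT><PURPOSE><admin/><develop/></PURPOSE></STATEMENT>
 </POLICY>
</POLICIES>"""

NS = {"p3p": P3P_NS}        # prefix-to-URI binding, supplied outside the path
ROOT = ET.fromstring(DOC)   # ROOT is the POLICIES element
DISPUTES = "p3p:POLICY/p3p:DISPUTES-GROUP/p3p:DISPUTES"
# Without the binding, ROOT.findall("POLICY/DISPUTES-GROUP/DISPUTES") matches
# nothing, because every element lives in the P3P default namespace.

def local_name(elem):
    """Element name without the '{namespace-uri}' part ElementTree prepends."""
    return elem.tag.rsplit("}", 1)[-1]

def remedy_names():
    """Names of REMEDIES' child elements (what XPath local-name() reports)."""
    return [local_name(e) for e in ROOT.findall(DISPUTES + "/p3p:REMEDIES/*", NS)]

def remedy_string_values():
    """XPath string-values of the same nodes: their concatenated text content."""
    return ["".join(e.itertext())
            for e in ROOT.findall(DISPUTES + "/p3p:REMEDIES/*", NS)]

def resolution_types():
    """The [@resolution-type] predicate selects DISPUTES elements; the attribute
    value is read from each (full XPath 1.0: .../DISPUTES/@resolution-type)."""
    return [e.get("resolution-type")
            for e in ROOT.findall(DISPUTES + "[@resolution-type]", NS)]

def string_subset(bag_a, bag_b):
    """True if every value in bag_a also occurs in bag_b."""
    return set(bag_a) <= set(bag_b)

def one_and_only(bag):
    """Return the single value of a bag; fail on empty or multi-valued bags."""
    if len(bag) != 1:
        raise ValueError(f"expected exactly one value, got {len(bag)}")
    return bag[0]
```

A `*` step yields element nodes whose string-value is empty for markers such as `<correct/>`, so a string comparison sees `""` unless the element name is extracted.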

