[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: AttributeSelectors to select element names, attribute values
Colleagues, I want to place requirements on a P3P XML privacy policy statement using XACML, and I need help formulating the correct XPath expressions. P3P often uses element names, rather than text node values, to indicate various policy choices. In other cases, P3P uses XML attribute values. I'm not sure of the correct XPath syntax to use to select element names and attribute values as values for my AttributeSelector bag. The following is part of an example taken from the P3P 1.0 specification and illustrates these. <POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1"> <POLICY name="forBrowsers" discuri="http://www.catalog.example.com/PrivacyPracticeBrowsing.html" xml:lang="en"> <ACCESS><nonident/></ACCESS> <DISPUTES-GROUP> <DISPUTES resolution-type="independent" service="http://www.PrivacySeal.example.org" short-description="PrivacySeal.example.org"> <IMG src="http://www.PrivacySeal.example.org/Logo.gif" alt="PrivacySeal's logo"/> <REMEDIES><correct/></REMEDIES> </DISPUTES> </DISPUTES-GROUP> <STATEMENT> <PURPOSE><admin/><develop/></PURPOSE> <RECIPIENT><ours/></RECIPIENT> <RETENTION><stated-purpose/></RETENTION> </STATEMENT> </POLICY> </POLICIES> Notice the <DISPUTES> element includes several XML attributes that describe the the dispute resolution service: it is "independent", and the web page of the "service" is "http://www.PrivacySeal.example.org". The <REMEDIES> element includes a <correct> element to indicate that a supported remedy, if the policy is violated, is to "correct" the violation. Similarly the <PURPOSE> element contains the elements <admin> and <develop> to indicate that private data may be collected for administrative or R&D purposes. 1. If I want to say that the <correct> element must be one of the dispute REMEDIES available, can I use the following XACML expression? <xacml:Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset"> <xacml:Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag"> <xacml:AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">correct</AttributeValue> </xacml:Apply> <xacml:AttributeSelector DataType="http://www.w3.org/2001/XMLSchema#string" RequestContextPath="/POLICIES xmlms="http://www.w3.org/2002/01/P3Pv1" /POLICY/DISPUTES/REMEDIES/*" /> </xacml:Apply> 2. If I want to say that the disputes resolution-type XML attribute must always be "independent", can I use the following XACML expression? <xacml:Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> <xacml:Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only"> <xacml:AttributeSelector DataType="http://www.w3.org/2001/XMLSchema#string" RequestContextPath= "/POLICIES xmlms="http://www.w3.org/2002/01/P3Pv1" /POLICY/DISPUTES-GROUP/DISPUTES[@resolution-type]"/> </xacml:Apply> <xacml:AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">independent</xacml:AttributeValue> </xacml:Apply> Regards, Anne -- Anne H. Anderson, Sun Microsystems Laboratories 1 Network Drive,UBUR02-311, Burlington, MA 01803-0902 USA Tel: 781/442-0928 Fax: 781/442-0399 Email: Anne.Anderson@Sun.COM until mid-August 2007 Email: Anne.Anderson@alum.swarthmore.edu after mid-August 2007
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]