OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: Question re: XACML PEP


Hi Crystal,

 

In that demonstration the Boeing CIPHER tool searched and classified the document based on the information it contained (e.g. proprietary markings) and store an XACML attribute in the properties of the document (e.g. “urn:oasis:names:tc:xacml:3.0:ipc:resource:proprietary” with a value of “true”). A PEP would need to extract that information from the document and send it in an XACML request to a PDP to render a decision based on an XACML policy. I know Nextlabs provides a PEP that can do this. Other XACML product companies may also provide PEPs with this capability too.

 

Richard Hill

 

From: xacml@lists.oasis-open.org [mailto:xacml@lists.oasis-open.org] On Behalf Of Hayes, Crystal L
Sent: Friday, March 13, 2015 11:31 AM
To: xacml@lists.oasis-open.org
Cc: Smith, Gregory L
Subject: [xacml] Question re: XACML PEP

 

Hello Group,

 

Can any of you please tell me how, in our 2012 RSA demonstration of the XACML IP Profile, how the Policy Enforcement Point (PEP) was able to read resource metadata, to make an access control decision?  Was the resource file actually being opened in order to read the metadata?   How is the metadata visible to the PEP?

 

Thanks so much!

 

Crystal Hayes, CCEP
Boeing Intellectual Property Management
(206) 713-2928 

 



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]