Re: [xacml] Minutes for 25 May 2017 TC Meeting

Hal et al.--

In today's XACML TC call I mentioned a demo I saw some years ago that approached my ideal of how a policy construction tool aimed at users who are lawyers or policy analysts might operate. You asked if I could find a reference to give the TC a better idea of what I was describing.

Here is a link to a presentation on the project (which was an IBM experimental effort called "Sparcle".) This presentation seems to be from 2009, but the demo I got from the project lead, Dr. Clare-Marie Karat, was earlier and included actual screen-shots of the software. That would have been more useful in illustrating what I found so attractive. I'll look further to see if I can find something like that but I'm not optimistic.

http://s3.amazonaws.com/academia.edu.documents/30747409/Policy-Frameworks-Akbar.pdf?AWSAccessKeyId=AKIAIWOWYYGZ2Y53UL3A&Expires=1495756237&Signature=GnVvfc7cv%2FxdvkCRCGps%2BWAqUlQ%3D&response-content-disposition=inline%3B%20filename%3DPolicy_framework_for_security_and_privac.pdf

Martin

On Thu, May 25, 2017 at 5:20 PM, rich levinson <rich.levinson@oracle.com> wrote:

Time: 4:30 PM EST (-0400 GMT)
Tel: 1-712-775-7031
Access Code: 620-103-760

Minutes for 25 May 2017 TC Meeting

I. Roll Call & Minutes

Attendance:

Steven Legg
Rich Levinson
Hal Lockhart
Bill Parducci
Martin Smith

bill: we have quorum

Approve Minutes for 11 May 2017
https://lists.oasis-open.org/archives/xacml/201705/msg00002.html

hal: any obj unan? none heard:
minutes approved:

II. Administrivia
No open administrative issues outstanding.

III. Issues

Errata Status:
Vote approved last mtg for tc-admin to initiate 15-day public review:
action was to notify tc-admin (see minutes above)

request in jira is 2585, not yet assigned

hal published comment resolution log:
https://lists.oasis-open.org/archives/xacml/201705/msg00006.html

Consider ideas for making xacml more visible publicly:
(things seem to have been down-played in wake of json/xml controversy)
(for ref: here are some of the json issues that have been swept under rug:
http://seriot.ch/parsing_json.php)

hal: json spec + alfa is json-like, but probably more robust wrt rep xacml
rich: would like to here from david more based on his email ref'd below.

martin: impediment: policy based access control: if then else examples
in the xacml docs, also done, then below is xml
until we get to point that people can represent policy in if-then-else
and relate that to xacml logic;

hal: most of xacml is turing complete, xacml is logic and can be resolved.
subject to analysis; style of idioms needs to be learned.

martin: tools haven't bridged gap of

hal: oauth scope is like a policy: action,resource; can construct equivalent
xacml rep of that; incl wildcarding, compact notation;

rich: maybe look at policies from the perspective of questions to ask about
policies for example "who as access to a specific resource".

martin: natural language words on a page

hal: wiggle-room is what makes democracy work (i.e. flexibility in interpretation
of a set of rules)

martin: strength of xacml is very large policies "can" be written and be solid.

hal: amzn's policy lang is json-like rep of xacml

Follow-up emails:
david:
https://lists.oasis-open.org/archives/xacml/201705/msg00003.html
martin:
https://lists.oasis-open.org/archives/xacml/201705/msg00004.html
rich:
https://lists.oasis-open.org/archives/xacml/201705/msg00005.html
+ additional ref to hi-level arch of oauth/xacml:
http://svn.code.sf.net/p/openaz/code/branches/RB-1.2/openaz/test/doc/test/OAuthSimulator.html

---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php

Martin F Smith, Principal

BFC Consulting, LLC

McLean, Va 22102

703 506-0159

703 389-3224 mobile

xacml message