[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Public Comment
Comment from: rgrzywinski@yahoo.com I have been doing some research into role-based access control. In the RBPIM paper (http://csdl.computer.org/comp/proceedings/lcn/2003/2037/00/20370052abs.htm) I found a reference to XACML. I thought that I would pass it along as I think that it's a good thing to see how the community perceives the specification. "Recent works starts exploring the advantages of the PDP/PEP approach for implementing an authorization service that could be shared across a heterogeneous system in a company. An interesting work in this field is the XACML (eXtensible Access Control Markup Language), proposed by the OASIS consortium [16]. XACML is a XML based language that describes both an access control policy language and a request/response language. The policy language is used to express access control policies. Policies are written in XACML by policy administrators and made available for PDP servers. The request/response language is used for supporting the communication between PEP clients and PDP servers. A PEP queries a PDP whether a particular access should be allowed using XACML, and the PDP describes answers to those queries also using XACML." Just an aside: I found it interesting that they see XACML in the same way that I do, both as an expression language -and- a request/response (communication) language. -- Rob Grzywinski
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]