RE: [xacml-dev] Policy editor? Gui?

["diego gonzalez" <diegog@lagash.com>]

Within my list of features I also had some helpers:
 - Evaluate the Policy with a specific Context.
 - Evaluate part of the policy with a specific Context (Rule, Condition,
Target, Policy, PolicySet).
 - Provide a Validation feature to make a strong validation like:
DataType checking, incomplete behavior, etc
 - Allow the definition of new Functions. I was wondering in adding a
function named: "blah:blah:javascript-evaluate", that receives a
javascript code that can be evaluated during the execution.

I have a list (somewhere) of features, I'll look for it and post to the
list.

Have a nice weekend.

DiegoG

-----Original Message-----
From: Kuketayev, Argyn [mailto:argyn_kuketayev@fanniemae.com] 
Sent: Friday, November 12, 2004 1:55 PM
To: diego gonzalez; sunxacml-discuss@lists.sourceforge.net;
xacml-dev@lists.oasis-open.org
Subject: RE: [xacml-dev] Policy editor? Gui?

Thanks for refering this policy editor. Now, maybe we could brainstorm
and come up with a list of features required from a policy editor.


I have this:
1. property editors for all standard XACML objects, such as Rules. i.e.
it should ease adding this elements to a policy. This is a standard
feature in all XML editors which can read XML schemas 2. XACML has other
stuff like combining algorithms. XML schema is of limited use here,
because e.g. it only can say that there's a sequence of sub-elements.
Schema doesn't "know" that the Resource should have required resource-id
in the request context. Policy editor should know this. So, property
editors for combining algorithms must know how many and what elements
are in the particular algorithm.
3. glossary of standard urns, such as
"urn:oasis:names:tc:xacml:1.0:subject:role"
4. build a repostory of app specific values for attributes. Example, my
role can have 10 different values, such as "default", "admin" etc. 
policy editor must be able to build app specifi vocabulary out of these
things. Especially, resource-id type of objects. I have a limited number
of them (such as "...:screen" and "...:account"), I'd like the editor
know them 5. support policy reference, i.e. if I click on a referenced
policy, it should open that policy

That's all for tonight




> -----Original Message-----
> From: diego gonzalez [mailto:diegog@lagash.com]
> Sent: Thursday, November 11, 2004 6:32 AM
> To: sunxacml-discuss@lists.sourceforge.net;
> xacml-dev@lists.oasis-open.org
> Subject: RE: [xacml-dev] Policy editor? Gui?
> 
> 
> XACML.NET project includes a graphical editing tool which is not 
> finished, yet. For the moment you can open any 1.1 policy and see 
> what's inside using a tree and a set of properties.
>  
> You will need .Net Framework 1.1 installed in your machine.
>  
> Best Regards,
> Diego Gonzalez
> Lagash Systems SA
> 
> ________________________________
> 
> From: Kuketayev, Argyn [mailto:argyn_kuketayev@fanniemae.com]
> Sent: Thu 11/11/2004 12:31 AM
> To: sunxacml-discuss@lists.sourceforge.net;
> xacml-dev@lists.oasis-open.org
> Subject: [xacml-dev] Policy editor? Gui?
> 
> 
> 
> Is anybody working on a open-source graphical policy editor ? 
> Is there a business case for it? What would be the minimum set of 
> features to make it useful? Should it be tailored for a particular 
> implementation, such as SunXACML or could it be useful for any XACML 
> policy?
> 
> I've been thinking about editor ever since I had to write policies. 
> It's very inconvinient to edit them in regular XML editor.
> 
> Thanks,
> Argyn
> 
> 
> 
>