OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml-users] XACML Policy generation

Seth Proctor wrote:
> My project (SunXACML) is a library, so it's useful for programatically 
> creating/managing policy, but I don't think that's what you're looking 
> for. I've been working on a tool like what you're asking about, but I 
> haven't got clearance to release it yet (hopefully this summer..).
> My experience is that right now, most folks are rolling their own tools 
> based on what their environment looks like...but if there are other 
> tools out there I don't know about, please chime in!
I would also add to this that it is essential to have some policy 
management tools with such basic functionality like policy generation, 
viewing and editing and extended one for mapping between other access 
control formats.

For our customers who are not IT industry, they don't care about 
actual policy format but want to have some tools to at least input 
access control list/table without disturbing developers/administrator. 
This is actually what makes any solution useable for them.

 > To my knowledge, there aren't a lot of these tools available right 
 > there is also a project called reva (but I don't know how complete 
it is
 > or whether it's still under active development).

Here I will do some promoting work :-) Nowadays it's called G-PBox and 
used for Job/work submission to computing element in Grids

But to my knowledge such kind of tools is not available from them.

 > There are also projects
 > like the freebxml registry which uses XACML for authorization and
 > provide a framework for storing/managing policy, but this is probably
 > more heavy-weight than what you're looking for.

The page says:
"The omar project does not provide a GUI tool for authoring XACML 
access control policies yet..."

but their examples in misc/samples/acp are quite useful.



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]