[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml-dev] XACML Attribute values locaters
On ons, 2011-04-27 at 13:57 +0500, Security Developer wrote: > Hi, > > What is the real time use case when XACML PDP has to find the > attribute values from external sources i.e. LDAP, Database etc. > > Why not authentication system return all the attributes of a subject > so the XACML PDP do not have to locate the attribute values? > > More explanation about the related topic would be highly appreciated. > > Thanks and Best Regards. The PEP might not know which attributes are required by the policies when submitting the request to the PDP, or it might be bad for performance to retrieve all attributes for each request (since many of them might not be needed for a specific request). Regards, Ludwig -- Ludwig Seitz, PhD Swedish Institute of Computer Science Ideon Science Park Building Beta 2 3v Scheelevägen 17 SE-223 70 Lund Phone +46(0)70-349 92 51 http://www.sics.se
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]