OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [xacml-users] Database schema for storing XACML policies


Hi ,

There can be potentially thousands of policies.
How did you find applicable polcies for given request
?

Thanks,
Dhirendra Sharma

--- Argyn <jawabean@gmail.com> wrote:

> I thought about storing XACML schema in Db  and gave
> up the idea. It
> didn't make a sense in my project. So, I had two
> things:
> 
> 1. stored entire policy in TEXT type of field, such
> as CLOB
> 2. some policies were generated from DB tables. i
> had a table with
> start and end time columns, then the policy was
> generated using these
> two columns
> 
> thanks,
> argyn
> 
> On 6/15/06, dhirendra sharma
> <dhirendra_sh@yahoo.com> wrote:
> >   Hi All,
> >
> >
> >     Can someone share their database schema for
> > storing XACML policies ?
> >
> >     We are planning to store the XACML policies in
> > Oracle 9i database.
> >     Write a DatabasePolicyModule and based on
> Subject,
> > Resource,Action and optionally Environment from
> the
> > incoming Request
> >     build a database SQL query and find out all
> the
> > applicable policies.
> >
> >
> >
> >
> >     I have defined a simple table called - POLICY
> with
> > columns as follows :
> >         ---------------------------------------
> >             TARGET_ID    VARCHAR2(20),
> >             SUBJECT      VARCHAR2(1000),
> >             RESOURCE_ID  VARCHAR2(1000),
> >             ACTION       VARCHAR2(1000),
> >             POLICY       VARCHAR2(4000)
> >         ---------------------------------------
> >
> >     Using values of subject, resource and action
> from
> > the request input, I build a SQL query and find
> out
> > matching policies.
> >
> >     I have following 2 questions.
> >
> >     1). Is above table and column idea good design
> for
> > policy storage perspective or i am missing
> something ?
> >
> >     2). Where should add this call to the database
> for
> > find applicable policies in the code ?
> >
> >     Thanks,
> >     Dhirendra Sharma
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam?  Yahoo! Mail has the best spam
> protection around
> > http://mail.yahoo.com
> >
> >
>
---------------------------------------------------------------------
> > This publicly archived list supports open
> discussion on using the
> > XACML OASIS Standard. To minimize spam in the
> archives, you
> > must subscribe before posting.
> >
> > [Un]Subscribe/change address:
> http://www.oasis-open.org/mlmanage/
> > Alternately, using email:
> list-[un]subscribe@lists.oasis-open.org
> > List archives:
> http://lists.oasis-open.org/archives/xacml-users/
> > Committee homepage:
> http://www.oasis-open.org/committees/xacml/
> > List Guidelines:
> http://www.oasis-open.org/maillists/guidelines.php
> > Join OASIS: http://www.oasis-open.org/join/
> >
> >
> 
>
---------------------------------------------------------------------
> This publicly archived list supports open discussion
> on using the 
> XACML OASIS Standard. To minimize spam in the
> archives, you 
> must subscribe before posting.
> 
> [Un]Subscribe/change address:
> http://www.oasis-open.org/mlmanage/
> Alternately, using email:
> list-[un]subscribe@lists.oasis-open.org
> List archives:
> http://lists.oasis-open.org/archives/xacml-users/
> Committee homepage:
> http://www.oasis-open.org/committees/xacml/
> List Guidelines:
> http://www.oasis-open.org/maillists/guidelines.php
> Join OASIS: http://www.oasis-open.org/join/
> 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]