[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml-users] Help on ResourceConent!
Balaji Kannadassan schrieb: > Hi Roland! > > Thanks for making things clear to me. BTW saw this entry in the > oasis-xacmlv1.0.pdf would like to know what they exactly mean. > > Q) > > The following example illustrates a request context to which the example > rules may be applicable. It represents a request by the physician Julius > Hibbert to read the patient date of birth in the record of Bartholomew > Simpson. > > XML Request: > ------------ > .... > <ResourceContent> > <md:record > xmlns:md="//http:www.medico.com/schemas/record.xsd"> > <md:patient> > <md:patientDoB>1992-03-21</md:patientDoB> > </md:patient> > <!-- other fields --> > </md:record> > <ResourceContent> > > We have to search for the DoB of the patient rt ?. Its enough if we have > specified the xsd hyperlink. Any idea on why they have specified a new > patient record with DoB entry ?. The standard functions of XACML can only search in XML data that is provided directly in the <Request>. <guess> Searching external documents would have been too complicated to include it in the standard. Plus, it affects the security considerations if the PDP accesses external documents. Any information that leaks from the XACML system may be used by some attacker to gain further knowledge about the system. </guess> Roland
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]