OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml-users] Help on Condition ? <-- Obligations

On Dec 12, 2008, at 4:04 PM, Yoichi Takayama wrote:

> Bill, do you have Use Case to determine what Condition(s) were  
> responsible and construct your "message" for reason why the Decision  
> was made??? Or, is it much a simpler matter and I am overestimating  
> the problem?

I think Use Cases that were presented at the last TC meeting are a  
good example of this:

/*   XACML TC Minutes, 4 December

  Mike Beach from Boeing reviewed his authz Use Cases
   (starting at slide 8)
   The basis of the talk is the ability of XACML to deal with export
   licensing using Obligations or is additional machinery needed?


The current mechanism to solve this issue is to "wrap" the individual  
Rules in Policies to create more granular Obligation control. This  
initiated the discussion on whether Obligations should be extended to  
the Rule level. I have suggested that this is not a good solution to  
this problem since it overloads what Obligations should do (IMO). I do  
however, understand the need for informational decision information to  
be returned so I proposed that we create a mechanism specifically for  
response messaging at the Rule level. I think this can be added safely  
since it is not possible to have combining conflicts on non-actionable  
strings. (I cannot say the same for Obligations, which are not  
combinable as currently defined)



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]