OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml-users] Help on Condition ? <-- Obligations

Thanks, that sounds reasonable. I will have the Use Cases later.

Yoichi Takayama, PhD
Senior Research Fellow
RAMP Project
MELCOE (Macquarie E-Learning Centre of Excellence)

Phone: +61 (0)2 9850 9073
Fax: +61 (0)2 9850 6527

This message is intended for the addressee named and may contain  
confidential information.  If you are not the intended recipient,  
please delete it and notify the sender. Views expressed in this  
message are those of the individual sender, and are not necessarily  
the views of Macquarie E-Learning Centre Of Excellence (MELCOE) or  
Macquarie University.

On 12/12/2008, at 4:32 PM, Bill Parducci wrote:

> On Dec 12, 2008, at 4:04 PM, Yoichi Takayama wrote:
>> Bill, do you have Use Case to determine what Condition(s) were  
>> responsible and construct your "message" for reason why the  
>> Decision was made??? Or, is it much a simpler matter and I am  
>> overestimating the problem?
> I think Use Cases that were presented at the last TC meeting are a  
> good example of this:
> /*   XACML TC Minutes, 4 December
> Mike Beach from Boeing reviewed his authz Use Cases
>  http://projectconcordia.org/images/d/d6/BoeingFineGrainedAuthorization.pdf
>  (starting at slide 8)
>  The basis of the talk is the ability of XACML to deal with export
>  licensing using Obligations or is additional machinery needed?
> */
> The current mechanism to solve this issue is to "wrap" the  
> individual Rules in Policies to create more granular Obligation  
> control. This initiated the discussion on whether Obligations should  
> be extended to the Rule level. I have suggested that this is not a  
> good solution to this problem since it overloads what Obligations  
> should do (IMO). I do however, understand the need for informational  
> decision information to be returned so I proposed that we create a  
> mechanism specifically for response messaging at the Rule level. I  
> think this can be added safely since it is not possible to have  
> combining conflicts on non-actionable strings. (I cannot say the  
> same for Obligations, which are not combinable as currently defined)
> thanks
> b


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]