OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Modelling task partitions in XACML


Hi,

I want to use XACML to implement access control in a workflow system. A
workflow is separated into several tasks. Some of these tasks will be
split into partitions, and now the fun begins: If a user has executed a
task from one of the partitions, he must not execute any task from all
the other partitions. For example:

    workflow = (t1, t2, t3, t4, t5, sign1, sign2)

    partitioning = {{t1, t2, t3, t4, t5}, {sign1}, {sign2}}

Assuming that there is an environment attribute called "history" that
returns all the tasks that the user has already executed, can I
implement this restriction using only plain XACML 1.0 or 2.0?

Roland


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]