OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: XACML federation

Hi all,

I am sorry for cross-posting on two lists on both of which you may be a member.

I am thinking of what may be needed to consider for XACML topology when constructing a federation, and the federation XACML policy combination logic where such may be needed. Obviously, we may need to consider policies needed, topology for policy combinations, policy store topologies, and PDP and PEP topologies.

Does it need somewhere to set up a super policy store which may have federation policies (policies about some additional federation rules and/or policy combination rules for local polices), or is it necessary to share some new federation policies for local PEPs (via PAP presumably), or some member policy domains now share policies due to the newly formed federation, or can they just operate independently for the federation effects (as long as federated identity and authentication are at play, e.g. with SAML tokens shared) only via virtue of what actions succeeded/failed on separate layers?

Do we federate the policies, policy stores, PAP, PDPs or PEPs? On what level does the federation happen?

I am going to think about these, since I can't find good resources on the web or in publications.

However, I thought that you may have already seen some good framework elsewhere.

If you have, can you give me some references?

Thanks,
Yoichi


--------------------------------------------------------------------------
Yoichi Takayama, PhD
Senior Research Fellow
RAMP Project
MELCOE (Macquarie E-Learning Centre of Excellence)
MACQUARIE UNIVERSITY

Phone: +61 (0)2 9850 9073
Fax: +61 (0)2 9850 6527
www.mq.edu.au
www.melcoe.mq.edu.au/projects/RAMP/
--------------------------------------------------------------------------
MACQUARIE UNIVERSITY: CRICOS Provider No 00002J

This message is intended for the addressee named and may contain confidential information.  If you are not the intended recipient, please delete it and notify the sender. Views expressed in this message are those of the individual sender, and are not necessarily the views of Macquarie E-Learning Centre Of Excellence (MELCOE) or Macquarie University.

smime.p7s

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]