[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: XACML TC Charter Revision - Strawman
Here is the revised TC Charter - from the lack of email on this thread in the past few days, I am assuming that all the comments are already in. Notes: 1. Changes from previous version: a) "subject" has been replaced by "target" b) "CORBA CSIv2" replaced by "LDAP" 2. Charter is silent on the mechanisms for executing the policy (PDP and PEP). 3. Non-goals of XACML are missing (if any of you want to take a stab at it, please do) Please send your comments. ---------------------------------------------------------------------------- --------------- Product of TC XACML TC will define a core XML schema for representing entitlement policies, also called XACML Policy Target The target of a policy (hereafter referred to as "target") can be any object that can be referenced in XML. Protocols and bindings XACML TC will define new protocols or identify bindings to existing protocols (e.g., XPath, LDAP) intended as means of accessing and communicating the policies Scope XACML is expected to address fine grained control of authorized activities, the effect of characteristics of the access requestor, the authorization protocol over which the request is made, authorization based on classes of activities, and content introspection (i.e. authorization based on both the requestor and potentially attribute values within the target where the values of the attributes may not be known to the policy writer) Extensibility XACML core schema is extensible for as yet unknown features Interoperability XACML TC will define interoperability of XACML core schema with other standards. Simon Blackwell Suresh Damodaran Fred Moses
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC