[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xacml] [Model] Re: Composition Use Case
X-Mailer: Sun NetMail 2.3 MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit On 17 December, bill parducci writes: Re: [xacml] [Model] Composition Use Case > /* > 1. Ability to describe Matching Rules for attributes (for > example, does "A@EnergyInfoAdmin.doe.gov" match "*.doe.gov"). > */ > > this is really the key requirement in my example: pattern matching. the > only difference here from what i tossed out was that my 'case' used this > against payload (content) as well has requester information. since i > believe that payload is just another field i think that the generalized > requirement for pattern matching meets the requirement. as pointed out > earlier by a couple of people, i believe that regular expressions should > be used as the basis for patterning. Matching of X500 Distinguished Names can not be handled via regular expressions (case, ordering of attribute-value assertions, handling of spaces, etc.). URL's can not be handled via regular expressions (places where case matters versus where it does not). Attributes that are themselves complex types (such as certain X509 Attribute Certificate attributes) can not be handled via regular expressions. I don't think the language syntax itself can handle the matching rules for real-world sets of attributes. I think the language must have a way of pointing to executables for handling the matching. Anne -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC