OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [xacml] Transform specification in PolicyStatement

In my last XACML context proposal, I specified <Transform> element in the
<PolicyStatement> to explicitly write the transformation rule in the
policy. But I am wondering whether <Transform> specification should be
specified within PolicyStatement or not. It might be nice to include such
information in the policy, but second idea would be to define specification
like <Transform> outside the XACML specification e.g. as PDP definition
because XACML policy only refers to information defined in XACML Context,
not original credential like SAML. Transformation also depends on PDP's
functionality about what kind of credential PDP can understand. This
implies that <Transform> is much closer to the PDP's functionality. The
third idea is somewhat in-between, so it just specifies transform URI (not
exact transformation specification or URL) in the <PolicyStatement>. Any

Michiharu Kudo

IBM Tokyo Research Laboratory, Internet Technology
Tel. +81 (46) 215-4642   Fax +81 (46) 273-7428

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC