[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [xacml] Fundamental concepts in XACML
For our "background" section, I thought it would be helpful for
us to identify the fundamental concepts and mechanisms used in
XACML. We can then identify the earlier work that developed
those concepts and mechanisms.
Here is a starter list:
-Describing access request in terms of:
Subject -> Action -> Resource/Object
-Request including attributes of Subject and Resource/Object
-Policy based on attributes of Subject and Resource/Object
o Attribute-based rules
o Identity-based rules
-Rule based access control
-Access control language
-Boolean operations on access rules
-Obligations as part of rules
Any others? Any refinements to this list?
John Erickson, in e-mail to the Rights Language TC, listed some
early references to work on policies attached to resources. We
can make use of his list for some items, I'm sure.
http://lists.oasis-open.org/archives/rights/200206/msg00029.html
Anne
--
Anne H. Anderson Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311 Tel: 781/442-0928
Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC