OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [xacml] Problem Statement for "Condition Reference"

This is a concrete problem statement for the XACML 1.1 work item titled
"condition reference".

The current XACML spec provides sufficient set of primitives for specifying
conditional expressions. However, there is no way to refer to it. In other
words, even if there is only one condition is needed in the system (e.g.
access is allowed in weekday from 9 to 20) that is used in thousands of
rules, the identical conditions must be specified in each rule repeatedly.

If there is a way to group or catalogue condition expression in XACML and
allows each rule to refer to, a rule specification becomes much more
concise and it facilitates policy administration. In some sense, it is just
like <PolicySetIdRefernece> and <PolicyIdReference>.

Therefore, XACML schema definition should support some way to support
condition reference.

Michiharu Kudo

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]