OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Concrete problem statement for references to rules

XACML currently supports including a Policy or a PolicySet by
referencing the identifier associated with Policy or PolicySet.
The elements used for this are "PolicyIdReference" and
"PolicySetIdReference".  The intent was to support distributed
policies, where different entities compose and manage different
parts of the policy space.  It also allows re-use of common
Policies in multiple PolicySets.

Similarly, it would be useful to support a RuleIdReference
wherever a Rule element is now supported.  This would allow
reference to distributed Rules, and also allow re-use of common
Rules in multiple Policies.  This second motivation is the
primary reason for requesting this addition to XACML.  In
practice, we have found that Rules tend to be re-used
frequently.  Being able to include them by reference makes the
composition and maintenance of consistent Policies much easier.

Anne Anderson
Anne H. Anderson             Email: Anne.Anderson@Sun.COM
Sun Microsystems Laboratories
1 Network Drive,UBUR02-311     Tel: 781/442-0928
Burlington, MA 01803-0902 USA  Fax: 781/442-1692

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]