[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [xacml] Problem Statement for "Fully specify hierarchical resources". Forwarded message from Anne Anderson.
[Reposting, since original no longer in archives after the mailing list updates -Anne] ------- start of forwarded message ------- From: Anne Anderson <Anne.Anderson@Sun.COM> To: XACML TC <xacml@lists.oasis-open.org> Subject: [xacml] Problem Statement for "Fully specify hierarchical resources" Date: Tue, 11 Mar 2003 13:27:42 -0500 This is a concrete problem statement for the XACML 1.1 work item titled "Fully specify hierarchical resources". While the spec makes it clear how hierarchical resources are supposed to be handled in the abstract, there are no concrete rules for how to handle particular types of resource hierarchies (eg filesystems, XML documents, LDAP services, etc). Because of this, it is not possible to provide implementations of XACML that can properly handle resource hierarchies in an interoperable and predictable way. In order for there to be good interoperability here, there needs to be standard language describing how to handle some of the more common kinds of hierachies, and it needs to cover the tricky cases like what happens when a parent node can't resolve some descendant nodes, etc. There also needs to be a way to identify which kind of hierarchy a particular resource in a policy follows. This may be implicit for some types of resources (e.g. .xml documents?), but not for others (e.g. filesystems that are not UNIX-like). Such an identifier would allow an implementation to invoke the hierarchy manager appropriate for the hierarchy type, or to report that it is unable to interpret the specified hierarchy type. Submitted by Anne Anderson and Seth Proctor. Anne Anderson -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692 ---------------------------------------------------------------- To subscribe or unsubscribe from this elist use the subscription manager: <http://lists.oasis-open.org/ob/adm.pl> ------- end of forwarded message ------- -- Anne H. Anderson Email: Anne.Anderson@Sun.COM Sun Microsystems Laboratories 1 Network Drive,UBUR02-311 Tel: 781/442-0928 Burlington, MA 01803-0902 USA Fax: 781/442-1692
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]