[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] Rule References
I would fully agree with that. Daniel. -----Original Message----- From: Polar Humenn [mailto:polar@syr.edu] Sent: Thursday, June 05, 2003 5:16 AM To: XACML Subject: [xacml] Rule References As I understand it, it looks like Rule References are still going to be an element of XACML. I think I am opposed to this. Before, a Policy was a defined set of rules with a defined combining algorithm. We decided a long time ago that a The policy was the smallest point of administration, and it was completely semantically defined. Sticking them outside the policy breaks that. I don't think I mind if rules are defined in the policy and referenced multiple times within the policy, although I don't see much of a point at the rule level, but can see how this can work at the Condition level, i.e. combining different conditions which are previously defined within the same policy. Rule References seem to be defined as anyURIs and that brings them outside of the policy. Once rules incorporated referenced from outside the policy, it becomes unwieldy, as you cannot specify the evaluation semantics of a policy in the face of dynamically updating outside rules. Rules can change dynamically underneath the URI. I don't like this. This will also blow any hope of using XACML within the CORBA policy management model for the Resource Access Decision facitity, as the Policy is the smallest point of administration. Unfortunately, I'm in Paris :) at the OMG meeting, and I will not be able to make the con call today. I've been trying to follow dicussions, but I must admit to be lax somewhat due to other work and travel. I've been on the road for 3 weeks now. Ugghh. I should be home next week. Cheers, -Polar You may leave a Technical Committee at any time by visiting http://www.oasis-open.org/apps/org/workgroup/xacml/members/leave_workgroup.p hp
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]