[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xacml] Draft XACML FAQ, Take 2
nicely done. i would like to propose an addition to the following: > 2. > > *What is the need for such a standard?* > > Currently, there are many proprietary or application-specific > access control policy languages. This means policies can not be > shared across different applications, and provides little > incentive to develop good policy composition tools. Many of the > existing languages do not support distributed policies, are not > extensible, or are not expressive enough to meet new requirements. > XACML enables use of arbitrary attributes in policies, role based > access control, security labels, time/date-based policies, > indexable policies, "deny" policies, and dynamic policies, all > without requiring changes to the applications that use XACML. append: Adoption of XACML across vendor and product platform should provide the opportunity for organizations to perform security [policy] audits directly across such system. or something to that affect. i am a big proponent of 'holistic' security policy management and that is almost impossible today. it is my hope that XACML will eventually allow tools to be developed that allow clients to map/evaluate corporate policy to technology implementations. i also like hal's suggestion that we include the xrml reference. b
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]