[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: xacml extension points (item 11)
|
Extension points in xacml policy
proposal.
As suggested by Michiharu some time ago (http://lists.oasis-open.org/archives/xacml/200207/msg00166.html),
we need extension points in xacml policy to specify "algorithm-local"
parameters.
My proposal follows Michiharu's with small changes
to the extension element type.
Proposal:
Allow element of type xacml:ParametersType as
an optional child of xacml:PolicySet, xacml:Policy, xacml:Rule, and
xacml:Obligations elements. If xacml:Parameters element is not empty, pdp must
be able to process all xacml:Parameter elements. (Alternatives possible: 1 - pdp
may ignore properties it does not understand, 2 - introduce MustUnderstand
attribute to the xacml:Parameter element)
Schema:
<xs:element name="Parameters"
type="xacml:ParametersType"/>
<xs:complexType name="ParametersType"> <xs:sequence> <xs:element ref="xacml:Parameter" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> </xs:complexType> <!-- --> <xs:element name="Parameter" type="xacml:ParameterType"/> <xs:complexType name="ParameterType"> <xs:sequence> <xs:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> <xs:attribute name="ParameterName" type="string" use="required"/> </xs:complexType> |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]