OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: CD-1 issue #10: denied access to internal nodes in hierarchy

The issue number refers to the XLS-sheet found in this email:

The commenter notes that if access is denied to an interior node and 
access is allowed to descendants of the denied node, then the 
reassembled allowed nodes do not correspond to the original schema 
anymore. The commenter proposes that the specification is changed so 
that denying an internal node also means deny to all descendant nodes.

The problem is actually wider than that. Denying (and thus removing) any 
single leaf node could invalidate the schema since the node might be 
required by the schema. So the proposed change would not fix the 
identified problem. The problem is inherent in doing access control on 
XML documents.

Also, in a more general case, it is useful to have the current model. 
For instance, in a medical application it could be the case that a 
researcher is allowed to see selected diagnostics information contained 
in a patient record, but the rest of the record, such as patient 
identifying data, is denied to him.

I propose that we make no change.

Best regards,

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]