RE: [xacml] F2F Agenda Topics

["Tyson, Paul H" <PTyson@bellhelicopter.textron.com>]

This sounds like a very strange business case, and I don't see how XACML
can help.

It does not appear to be a rational model for policy development if
independent groups are making rules concerning potentially overlapping
instances of subject/resource/action.  That is anarchy, not federation.

And even if some enterprises find it useful to develop policies that
way, the PDP implementation should allow specifying one of the existing
policy-combining algorithms (or a custom one) at the notional "root" of
the policy tree.

Regards,
--Paul

> -----Original Message-----
> From: david.choy@emc.com [mailto:david.choy@emc.com]
> Sent: Friday, June 17, 2011 15:38
> To: bill@parducci.net; xacml@lists.oasis-open.org
> Subject: RE: [xacml] F2F Agenda Topics
> 
> I'd like to add another topic to the agenda list: combining algorithm
> for a distributed admin environment.
> 
> Currently, combining algm is specified only within a container (a
> policy or a policy set). In an enterprise, policy admin is usually
> distributed among different organizational units, ranging from small
> workgroups to the corporate level. For a given decision request, there
> may be multiple applicable policies that are created by different
admin
> authorities. These policies may not know the existence of each other,
> and may not be encapsulated in a single policyset. We need a broader
> model for combining algm to resolve conflict in this case. I'll be
glad
> to give an example at the F2F.
> 
> David
> 
> -----Original Message-----
> From: Bill Parducci [mailto:bill@parducci.net]
> Sent: Friday, June 17, 2011 6:46 AM
> To: XACML TC
> Subject: [xacml] F2F Agenda Topics
> 
> With the F2f rapidly approaching, we need to start nailing down the
> agenda. In the past we have chunked up the discussion topics so that
we
> can make sure to cover as many of them as possible, while driving the
> largest/most difficult issues to completion as the primary driver. To
> that end I would like to propose that we again break the days in half
> thus and then dissect from there as needed:
> 
>  Tuesday 8-12
>  Tuesday 1-5
>  Wednesday 8-12
>  Wednesday 1-5
>  Thursday 8-12
> 
> Below is a non-exhaustive list of open issues.
> 
>   Attribute Predicate
>   BTG
>   PIP Directive
>   JSON Profile
>   Obligation/Advice Combining
>   PAP Interface
>   RSA Interop
>   "Web Friendly" Policy Ids
>   "Sticky" Policies
>   XACML Metadata Schema
> 
> I suggest that we begin by fleshing out this list, then prioritize and
> schedule those topics that have the most interest and will have
> champions in attendance. My goal is to have a candidate agenda for the
> TC call next Thursday so please take a few moments to chime in with
> your thoughts.
> 
> thanks
> 
> b
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php