[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] F2F Agenda Topics
This sounds like a very strange business case, and I don't see how XACML can help. It does not appear to be a rational model for policy development if independent groups are making rules concerning potentially overlapping instances of subject/resource/action. That is anarchy, not federation. And even if some enterprises find it useful to develop policies that way, the PDP implementation should allow specifying one of the existing policy-combining algorithms (or a custom one) at the notional "root" of the policy tree. Regards, --Paul > -----Original Message----- > From: david.choy@emc.com [mailto:david.choy@emc.com] > Sent: Friday, June 17, 2011 15:38 > To: bill@parducci.net; xacml@lists.oasis-open.org > Subject: RE: [xacml] F2F Agenda Topics > > I'd like to add another topic to the agenda list: combining algorithm > for a distributed admin environment. > > Currently, combining algm is specified only within a container (a > policy or a policy set). In an enterprise, policy admin is usually > distributed among different organizational units, ranging from small > workgroups to the corporate level. For a given decision request, there > may be multiple applicable policies that are created by different admin > authorities. These policies may not know the existence of each other, > and may not be encapsulated in a single policyset. We need a broader > model for combining algm to resolve conflict in this case. I'll be glad > to give an example at the F2F. > > David > > -----Original Message----- > From: Bill Parducci [mailto:bill@parducci.net] > Sent: Friday, June 17, 2011 6:46 AM > To: XACML TC > Subject: [xacml] F2F Agenda Topics > > With the F2f rapidly approaching, we need to start nailing down the > agenda. In the past we have chunked up the discussion topics so that we > can make sure to cover as many of them as possible, while driving the > largest/most difficult issues to completion as the primary driver. To > that end I would like to propose that we again break the days in half > thus and then dissect from there as needed: > > Tuesday 8-12 > Tuesday 1-5 > Wednesday 8-12 > Wednesday 1-5 > Thursday 8-12 > > Below is a non-exhaustive list of open issues. > > Attribute Predicate > BTG > PIP Directive > JSON Profile > Obligation/Advice Combining > PAP Interface > RSA Interop > "Web Friendly" Policy Ids > "Sticky" Policies > XACML Metadata Schema > > I suggest that we begin by fleshing out this list, then prioritize and > schedule those topics that have the most interest and will have > champions in attendance. My goal is to have a candidate agenda for the > TC call next Thursday so please take a few moments to chime in with > your thoughts. > > thanks > > b > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]