OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Policy language presentation

TC and Andrea,

I had to leave today's meeting after an hour so did not hear the last of
the presentation or subsequent discussion.

I was reminded of a paper that Andrea and the TC might find interesting
(if you have not already seen it):

Barker, Steve.  "The Next 700 Access Control Models or a Unifying
Meta-Model?"  SACMAT'09, June 3-5, 2009, Stresa, Italy.


The author is not friendly to XACML:

"A sceptical reader might also argue that a general language for
access control policy specification has already been described in
the access control literature: XACML [20]. However, in our view,
it is essential to define a general access control language in terms of
a well-defined access control model with a sound formal semantics
(rather than developing ad hoc access control languages with hopelessly
inadequate formal semantics, as is the case with XACML).
In addition to its unsatisfactory formal underpinnings, XACML is
not based on a well defined conceptual model of access control.
Attempts to retrofit aspects of access control models (via profiles)
have not been satisfactory."


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]