OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xacml] Re-use of rules in multiple policies


The PAP could make a copy of the rule and insert it into a policy.


On 2012-02-24 09:34, remon.sinnema@emc.com wrote:

Section 2.2 of the core 3.0 spec reads:

278 The<Rule>
279 element contains a Boolean expression that can be evaluated in isolation, but that is not intended to be
280 accessed in isolation by a PDP. So, it is not intended to form the basis of an authorization
281 decision by itself. It is intended to exist in isolation only within an XACML PAP, where it may form the basic unit of
282 management, and be re-used in multiple policies.

How do we envision this re-use of a rule in multiple policies? I don't think the schema has any mechanism for such re-use, like it has for policies through<PolicyIdReference>.


To unsubscribe, e-mail: xacml-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: xacml-help@lists.oasis-open.org

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]