[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [xacml] FW: Draft Special Publication 800-162, Guide to Attribute Based Access Control (ABAC) Definition and Considerations
I think this should be omitted from Section 2 (ABAC):
Unfortunately, without a formal definition and implementation guidance, the user and technology communities started implementing
ABAC solutions and defining new versions of advanced access control models based upon the XACML model without a common understanding or definition of ABAC.
Sections 3.2.2.12 and 3.2.3.3 should acknowledge and recommend the use of domain specific attribute taxonomies, such as XACML EC-US, IPC, XSPA, and TSCP BAILS.
Section 3.2.1.5 could benefit from a description of the Advice element. Lastly, I think the TC should advocate for stronger terms in section 3.2.2.1 regarding a recommendation for using XACML for ABAC. From: xacml@lists.oasis-open.org [mailto:xacml@lists.oasis-open.org]
On Behalf Of Hal Lockhart Time is short if the TC plans to comment on this before the deadline. John can you identity any particular parts or aspects of this document which it might appropriate for the TC to comment on? Perhaps if members can focus their attention on specific issues, we may get a bit more discussion. FYI, those of us involved with OpenAz will be making a comment on behalf of that project relating to Enablement and Interoperability. Hal From: Tolbert, John W [mailto:john.w.tolbert@boeing.com]
FYI
NIST Draft Special Publication 800-162, Guide to Attribute Based Access Control (ABAC) Definition and Considerations is NOW available for review/comment. If you would like to submit comments to this
draft document, below are the necessary details:
URL to the full announcement of Draft SP 800-162:
Deadline to submit comments is: MAY 31, 2013.
Email address to submit comments to:
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]