OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Groups - XACML v3.0 Dynamic Attribute Authority Version 1.0 uploaded


Submitter's message
Here is a first draft for discussion on the next TC conference call. The technical content is mostly complete, but examples are still to be provided, which are important to show how it all fits together in practice.
-- Dr. Steven Legg
Document Name: XACML v3.0 Dynamic Attribute Authority Version 1.0

Description
This specification defines a new XACML system component, the Dynamic
Attribute Authority, which augments the request context of an XACML
authorization request with additional attributes and attribute values that
are generated on demand according to a set of rules. The rules are
expressed as XACML policies, use obligations to specify the additional
attributes and values, and are processed in the normal manner of a Policy
Decision Point. This means that a Dynamic Attribute Authority can be
readily constructed from existing XACML system components.

A primary use case for the Dynamic Attribute Authority is role enablement,
where the dynamic attribute in question is the subject role.
Download Latest Revision
Public Download Link

Submitter: Dr. Steven Legg
Group: OASIS eXtensible Access Control Markup Language (XACML) TC
Folder: Specifications and Working Drafts
Date submitted: 2021-03-28 17:21:48



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]