[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Q 6& 7 on spreadsheet listing NHIN comments on XSPA
Colleagues Comment 6 & 7 “Add an attribute “Rule Start
Date” and “Rule End Date” to the XSPA XACML profile.” The suggestion made in the comment would be a significant
extension to the authorization model. Currently neither the SAML nor the XACML
XSPA profile communicate policies or policy information. The profile
focuses on the authorizations of the requestor; the policies (organization
security policies and consent directives) are provided at each ACS. I can understand the need to specify the attribute
“Rule Start Date” and “Rule End Date” if one is sending
policies to a remote ACS policy store but I do not see how it fits into the XSPA
attribute information profile. The information can be specified outside
the profile, of coarse. With this explanation, does anyone still how the addition of
the attributes “Rule Start Date” and “Rule End Date” is
consistent with the authorization profile? Regards, David David Staggs, JD, CISSP (SAIC) David Staggs, JD, CISSP (SAIC) |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]