XML Editor - Download a Free Trial >
See What's New >
Buy Now >

[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

Re: XACML Research.

saml and xacml
Play the video

Chiusano Joseph wrote:
> Regarding the future of XACML:
> 
> In the past there has been quite a bit of observation (justified, IMO)
> regarding overlaps in functionality between SAML and XACML, with regard
> to authorization decisions. In the SAML 2.0 Core Specification (OASIS
> Committee Draft[1], released 17-Aug-2004), it states on p.29 regarding
> the SAML Authorization Decision Statement:
> 
> "Note: The <AuthzDecisionStatement> feature has been frozen as of SAML
> V2.0, with no future enhancements planned. Users who require additional
> functionality may want to consider the eXtensible Access Control Markup
> Language [XACML], which offers enhanced authorization decision
> features."
> 
> This is clearly a great step toward helping ensure that the 2 standards
> do not evolve in an overlapping manner for this functionality. One may
> interpret this as meaning a brighter future for XACML.

I think you're right on here. There has been considerable effort in the 
XACML and SAML 2.0 processes to clearly define the relationship, and 
make sure we're not duplicating effort. In addition to specific changes 
to SAML 2.0, there is also an XACML Profile for SAML (which was just 
voted today to committee draft) which defines some specific elements of 
this relationship. I think this will make it even easier to use SAML and 
XACML as complimentary technologies.

As an aside, I've been involved in several prototype experiments to use 
SAML and XACML together. With the 2.0 specifications coming down the 
pipeline, I'm looking forward to finally seeing standard implementations 
that will interoperate. If anyone is bored (heh) and looking for 
something to try building, I'd be happy to provide some pointers about 
how to get started on this...


seth

PURCHASE STYLUS STUDIO ONLINE TODAY!

Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!

Buy Stylus Studio Now

Download The World's Best XML IDE!

Accelerate XML development with our award-winning XML IDE - Download a free trial today!

Don't miss another message! Subscribe to this list today.
Email
First Name
Last Name
Company
Subscribe in XML format
RSS 2.0
Atom 0.3
 

Stylus Studio has published XML-DEV in RSS and ATOM formats, enabling users to easily subcribe to the list from their preferred news reader application.


Stylus Studio Sponsored Links are added links designed to provide related and additional information to the visitors of this website. they were not included by the author in the initial post. To view the content without the Sponsor Links please click here.

XML Editor - Download a 15 Day Free Trial Now >
See What's New in Stylus Studio >
Buy Stylus Studio - XML Editor - Now >
Site Map | Privacy Policy | Terms of Use | Trademarks
Free Stylus Studio XML Training:
W3C Member
Stylus Studio® and DataDirect XQuery ™are products from DataDirect Technologies, is a registered trademark of Progress Software Corporation, in the U.S. and other countries. © 2004-2013 All Rights Reserved.