[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: XACML Research.
Srilekha Mudumbai wrote: > > My comment is that XACML stands unique in a way that it not only > provides a rich language for expressing policies, but > also provides a request/response language for exchanging > policy decisions. > > People had been talking about XACML in the past. They are now thinking > about deploying it in web services security. Yes, but XACML has always been intended as a general-purpose (i.e. not focused specifically on Web Services) access control policy language, and my prediction is that it will remain as such into the future. The XACML TC did produce a Web Services Policy Language (WSPL[1]) draft about one year ago, but it has not advanced within the XACML TC due (IMO) to the core focus of the TC. I wouldn't be surprised to see an open standard for Web Services Policy (access control and more) sometime within the next year, whether it "branches off" of XACML or is a new committee altogether. Kind Regards, Joe Chiusano Booz Allen Hamilton Strategy and Technology Consultants to the World [1] http://www.oasis-open.org/committees/download.php/3661/draft-xacml-wspl-04.pdf > One of the real strengths > of XACML lies in leveraging assertion and protocol mechanisms provided > by SAML. > As more and more people start implementing XACML solutions, the power of > XACML will be unleashed. But the transition to XACML will take sometime. > In my opinion, XACML is here to stay for a few solid years. > > Regards > Srilekha > > Srilekha Mudumbai > > Jericho Systems Corporation > Dallas, Texas > 972-231-2000 > > The information contained in this e-mail and all attachments transmitted > with it is the Confidential and Proprietary information of Jericho > Systems, Corp. If the reader of this message is not the intended > recipient, or an employee or agent responsible for delivering this > message to the intended recipient, you are hereby notified that any > dissemination, distribution, copying, or other use of this message or > its attachments is strictly prohibited. If you have received this > message in error, please notify the sender immediately by replying to > this message and please delete it from your computer > > > -----Original Message----- > From: Diego M. Gonzalez [mailto:diegog@l...] > Sent: Thursday, September 16, 2004 8:11 AM > To: xml-dev@l... > Subject: RE: XACML Research. > > My comment about future of XACML requires some clarification. I was > writing about the long term future of XACML, of course semantic web > technologies requires too much work to finish them and OWL-S is still > under discussion. > > I think it is very important related to the WebServices technologies and > standards. So I agree with Joseph in XACML brighter future. > > Best regards, > Diego Gonzalez > Lagash Systems SA > > -----Original Message----- > From: Chiusano Joseph [mailto:chiusano_joseph@b...] > Sent: Thursday, September 16, 2004 10:36 AM > To: Diego M. Gonzalez > Cc: xml-dev@l... > Subject: Re: XACML Research. > > Regarding the future of XACML: > > In the past there has been quite a bit of observation (justified, IMO) > regarding overlaps in functionality between SAML and XACML, with regard > to authorization decisions. In the SAML 2.0 Core Specification (OASIS > Committee Draft[1], released 17-Aug-2004), it states on p.29 regarding > the SAML Authorization Decision Statement: > > "Note: The <AuthzDecisionStatement> feature has been frozen as of SAML > V2.0, with no future enhancements planned. Users who require additional > functionality may want to consider the eXtensible Access Control Markup > Language [XACML], which offers enhanced authorization decision > features." > > This is clearly a great step toward helping ensure that the 2 standards > do not evolve in an overlapping manner for this functionality. One may > interpret this as meaning a brighter future for XACML. > > Kind Regards, > Joe Chiusano > Booz Allen Hamilton > Strategy and Technology Consultants to the World > > [1] > http://www.oasis-open.org/committees/download.php/8823/sstc-saml-2.0-cd- > pdf-xsd.zip > "Diego M. Gonzalez" wrote: > > > > I was working with XACML implementation in a .Net environment, and it > was interesting for us. We have implemented in an internal project for > resource management (books, CDs, DVDs, projector, etc) and it was very > interesting. Some of the limitations of XACML (support for hierarchical > resources requires too much configuration) were an issue, but we were > able to solve them. Regarding the speed of development, every applcation > requires some kind AccessControl management and we were able to save > that development time. Some other interesting points for XACML is that a > single language must be learned to define AccessControl policies for any > project. > > My favourite feature of XACML is the how powerfull the language is, > and of course very extensible (funtions, data types, combination > algorithms, etc). It allows to express a wide range of rules with a very > simple language. > > > > About the future of XACML, I have my point of view, I think Semantic > Web technologies are growing faster, specially for the rule definition > ontologies like SWRL, RuleML, DAML, etc. Those new rule based languages > will make the "constraint definition markup languages" (like XACML or > WS-Policy) to be based in the new rule definition technologies. CWM [3] > is a sample of Access Control defined with semantic web technologies. > > > > There are some advances in such direction [1], and [2]. > > > > Hope this helps, > > > > Diego Gonzalez > > Lagash Systems SA > > > > [1] http://ebiquity.umbc.edu/v2.1/get/a/publication/89.ppt > > [2] http://rei.umbc.edu/ > > [3] http://www.w3.org/2000/10/swap/doc/cwm.html > > > > -----Original Message----- > > From: Ñîºêΰ [mailto:yhw@c...] > > Sent: Wednesday, September 15, 2004 10:13 PM > > To: xml-dev@l... > > Subject: XACML Research. > > > > Hi,i am currently an MSc student and doing my dissertation research on > The implement XACML on Grid System as a whole solution for users Access > control. > > I wanted some information on where to find relevent information or > link for the following: > > > > 1.The impact of XACML > > -How it effects the Access-Control Technology? > > -an example of such implementation > > > > 2. Next enterprise applications persistence J2EE based XML Access > Control System or any other live implementation example and future > perspectives. > > > > 3.XACML impact on the speed of development,scalability,portability and > other feature how it actually achieves it.Some social factors as well > such as increased usability in terms of > users,developers,administrators,managers and all the user groups. > > > > and finally FUTURE OF XACML > > > > I know theses are very specific questions bu any response to any of > the above is much appreciated. > > > > sorry if any inconvenience caused. > > > > hope to hear soon > > > > Hongwei Yang > > > > ----------------------------------------------------------------- > > The xml-dev list is sponsored by XML.org <http://www.xml.org>, an > > initiative of OASIS <http://www.oasis-open.org> > > > > The list archives are at http://lists.xml.org/archives/xml-dev/ > > > > To subscribe or unsubscribe from this list use the subscription > > manager: <http://www.oasis-open.org/mlmanage/index.php> > > -- > Kind Regards, > Joseph Chiusano > Associate > Booz Allen Hamilton > > ----------------------------------------------------------------- > The xml-dev list is sponsored by XML.org <http://www.xml.org>, an > initiative of OASIS <http://www.oasis-open.org> > > The list archives are at http://lists.xml.org/archives/xml-dev/ > > To subscribe or unsubscribe from this list use the subscription > manager: <http://www.oasis-open.org/mlmanage/index.php> > > ----------------------------------------------------------------- > The xml-dev list is sponsored by XML.org <http://www.xml.org>, an > initiative of OASIS <http://www.oasis-open.org> > > The list archives are at http://lists.xml.org/archives/xml-dev/ > > To subscribe or unsubscribe from this list use the subscription > manager: <http://www.oasis-open.org/mlmanage/index.php> > > ----------------------------------------------------------------- > The xml-dev list is sponsored by XML.org <http://www.xml.org>, an > initiative of OASIS <http://www.oasis-open.org> > > The list archives are at http://lists.xml.org/archives/xml-dev/ > > To subscribe or unsubscribe from this list use the subscription > manager: <http://www.oasis-open.org/mlmanage/index.php> -- Kind Regards, Joseph Chiusano Associate Booz Allen Hamilton
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|