OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] XACML Research.

[ Lists Home | Date Index | Thread Index ]

Thanks for the information, Joe,

Since I happen to be using XACML right now, and I 
did not know that it would be a good bet to carry 
forward into the future, I'm pleased to 
understand that it apparently has a longer shelf 
life than I had anticipated.


At 9:35 AM -0400 9/16/04, Chiusano Joseph wrote:
>Regarding the future of XACML:
>In the past there has been quite a bit of observation (justified, IMO)
>regarding overlaps in functionality between SAML and XACML, with regard
>to authorization decisions. In the SAML 2.0 Core Specification (OASIS
>Committee Draft[1], released 17-Aug-2004), it states on p.29 regarding
>the SAML Authorization Decision Statement:
>"Note: The <AuthzDecisionStatement> feature has been frozen as of SAML
>V2.0, with no future enhancements planned. Users who require additional
>functionality may want to consider the eXtensible Access Control Markup
>Language [XACML], which offers enhanced authorization decision
>This is clearly a great step toward helping ensure that the 2 standards
>do not evolve in an overlapping manner for this functionality. One may
>interpret this as meaning a brighter future for XACML.
>Kind Regards,
>Joe Chiusano
>Booz Allen Hamilton
>Strategy and Technology Consultants to the World
>"Diego M. Gonzalez" wrote:
>>  I was working with XACML implementation in a 
>>.Net environment, and it was interesting for 
>>us. We have implemented in an internal project 
>>for resource management (books, CDs, DVDs, 
>>projector, etc) and it was very interesting. 
>>Some of the limitations of XACML (support for 
>>hierarchical resources requires too much 
>>configuration) were an issue, but we were able 
>>to solve them. Regarding the speed of 
>>development, every applcation requires some 
>>kind AccessControl management and we were able 
>>to save that development time. Some other 
>>interesting points for XACML is that a single 
>>language must be learned to define 
>>AccessControl policies for any project.
>>  My favourite feature of XACML is the how 
>>powerfull the language is, and of course very 
>>extensible (funtions, data types, combination 
>>algorithms, etc). It allows to express a wide 
>>range of rules with a very simple language.
>>  About the future of XACML, I have my point of 
>>view, I think Semantic Web technologies are 
>>growing faster, specially for the rule 
>>definition ontologies like SWRL, RuleML, DAML, 
>>etc. Those new rule based languages will make 
>>the "constraint definition markup languages" 
>>(like XACML or WS-Policy) to be based in the 
>>new rule definition technologies. CWM [3] is a 
>>sample of Access Control defined with semantic 
>>web technologies.
>>  There are some advances in such direction [1], and [2].
>>  Hope this helps,
>>  Diego Gonzalez
>>  Lagash Systems SA
>>  [1] http://ebiquity.umbc.edu/v2.1/get/a/publication/89.ppt
>>  [2] http://rei.umbc.edu/
>>  [3] http://www.w3.org/2000/10/swap/doc/cwm.html
>>  -----Original Message-----
>>  From: ΰ [mailto:yhw@cnic.cn]
>>  Sent: Wednesday, September 15, 2004 10:13 PM
>>  To: xml-dev@lists.xml.org
>>  Subject: [xml-dev] XACML Research.
>>  Hi,i am currently an MSc student and doing my 
>>dissertation research on The implement XACML on 
>>Grid System as a whole solution for users 
>>Access control.
>>  I wanted some information on where to find 
>>relevent information or link for the following:
>>  1.The impact of XACML
>>  -How it effects the Access-Control Technology?
>>  -an example of such implementation
>>  2. Next enterprise applications persistence 
>>J2EE based XML Access Control System or any 
>>other live implementation example and future 
>>  3.XACML impact on the speed of 
>>development,scalability,portability and other 
>>feature how it actually achieves it.Some social 
>>factors as well such as increased usability in 
>>terms of 
>>users,developers,administrators,managers and 
>>all the user groups.
>  >
>>  and finally FUTURE OF XACML
>>  I know theses are very specific questions bu 
>>any response to any of the above is much 
>>  sorry if any inconvenience caused.
>>  hope to hear soon
>>  Hongwei Yang
>>  -----------------------------------------------------------------
>>  The xml-dev list is sponsored by XML.org <http://www.xml.org>, an
>>  initiative of OASIS <http://www.oasis-open.org>
>>  The list archives are at http://lists.xml.org/archives/xml-dev/
>>  To subscribe or unsubscribe from this list use the subscription
>>  manager: <http://www.oasis-open.org/mlmanage/index.php>
>Kind Regards,
>Joseph Chiusano
>Booz Allen Hamilton
>The xml-dev list is sponsored by XML.org <http://www.xml.org>, an
>initiative of OASIS <http://www.oasis-open.org>
>The list archives are at http://lists.xml.org/archives/xml-dev/
>To subscribe or unsubscribe from this list use the subscription
>manager: <http://www.oasis-open.org/mlmanage/index.php>

Rex Brooks
GeoAddress: 1361-A Addison, Berkeley, CA, 94702 USA, Earth
W3Address: http://www.starbourne.com
Email: rexb@starbourne.com
Tel: 510-849-2309
Fax: By Request


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS