XACML eXtensible Access Control Markup Language - PowerPoint PPT Presentation

About This Presentation
Title:

XACML eXtensible Access Control Markup Language

Description:

An XML specification for the expression of access control ... Tivoli. University of Milan. Verisign. Simon Y. Blackwell, CTO. Cross Committee Representation ... – PowerPoint PPT presentation

Number of Views:86
Avg rating:3.0/5.0
Slides: 15
Provided by: sbl59
Category:

less

Transcript and Presenter's Notes

Title: XACML eXtensible Access Control Markup Language


1
XACMLeXtensible Access Control Markup Language
  • XML World 2001
  • 17-19 September
  • San Francisco, CA
  • Simon Y. Blackwell
  • Chairperson, XACML Technical Committee OASIS
  • CTO, Psoom, Inc.

2
XACML
  • An XML specification for the expression of access
    control policies that can
  • Be applied to anything referenced from XML
  • Refer to the content of the target of control
  • Be based on request context variables

3
XACML Participants
  • Authentify
  • CrossLogic
  • Entitlenet
  • Entrust
  • HP
  • IBM
  • Jamcracker
  • Netegrity
  • Oblix
  • Psoom
  • Reuters
  • Tivoli
  • University of Milan
  • Verisign

4
Cross Committee Representation
  • SAML
  • ebXML

5
Why XACML?
  • Promote Interoperability
  • Ensure Uniformity
  • Ease Development
  • Control XML Fragments

6
Promote Interoperability
  • Multiple vendor security solutions in one
    enterprise
  • Shared policy in business partnerships

7
Ensure Uniformity
  • Distributed, heterogeneous security systems with
    inconsistent policy
  • Multiple data base vendors
  • Custom applications
  • Firewalls
  • Operating systems

8
Ease Development
  • Separate policy from applications
  • Standard means for policy to refer to the content
    of its target and the context of a request

9
Control XML Fragments
  • XML documents are frequently used to store
    information with different security needs
  • Health records
  • Contracts

10
Features
  • Layered architecture, e.g.
  • Users -gt Groups -gt Roles
  • Targets -gt Target Security Levels
  • Standard Rights -gt User Defined Rights
  • XPATH
  • Provisional Actions

11
Demonstrations
  • IBM XACL
  • University of Milan XAS
  • Others

12
Schedule
  • December 2001 Candidate Specification
  • March 2002 v1.0 (grammar focus)
  • TBD (processing and protocols)

13
Interim Work To Explore
  • Standards Contributors
  • IBM XACL
  • http//alphaworks.ibm.com/tech/xmlsecuritysuite
  • University of Milan XAS
  • http//sansone.crema.unimi.it/samarati/Papers/www
    9.pdf
  • CrossLogix (proprietary)
  • http//www.crosslogix.com
  • Other work
  • http//www.xrml.org (digital rights management)
  • http//www.odrl.net
  • Extensive Reference Information
  • http//www.oasis-open.org/committees/xacml/docs/do
    cs.shtml

14
For More Information
  • http//www.xacml.org
  • Visit, Participate, Contribute
Write a Comment
User Comments (0)
About PowerShow.com