Printer Friendly
The Free Library
14,633,919 articles and books
Member login
User name  
Password 
 
Join us Forgot password?

XACML 2.0 Access Control Markup Language Approved as OASIS Standard.


BOSTON -- BEA Systems, Booz Allen Hamilton Booz Allen Hamilton, Inc., referred to as Booz Allen is one of the oldest strategy consulting firms in the world.[1] The firm formerly had two consulting divisions: WCB (Worldwide Commercial Business, also known as “The Commercial Side”) and WTB , Computer Associates, Entrust, Gluecode Software, IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) , Sun Microsystems, and Others Advance Open Standard for Information Access Control

The OASIS, the international e-business standards consortium, today announced that its members have approved the Extensible Access Control Markup Language (XACML (EXtensible Access Control Markup Language) An OASIS standard for managing access control policy. Released in 2003 and based on XML, the Sun-developed XACML was designed to become a universal standard for describing who has access to which resources. ) version 2.0 as an OASIS Standard, a status that signifies the highest level of ratification. XACML is used to represent and evaluate access control policies.

Dan Blum, Senior Vice President and Research Director of the Burton Group, noted, "Access control is a requirement of almost every application. XACML goes beyond simply denying or granting information access, it defines the mechanism for creating the rules and policy sets that enable meaningful authorization decisions."

To meet the needs of a wide range of users across many different environments, XACML 2.0 incorporates new profiles for Role Based Access Control (RBAC RBAC Role-Based Access Control (informatics)
RBAC Rule-Based Access Control (informatics)
RBAC Recreational Boating Advisory Council (Canada)
RBAC Re-Use Business Assistance Center ), Privacy, and Lightweight Directory Access Protocol (protocol) Lightweight Directory Access Protocol - (LDAP) A protocol for accessing on-line directory services.

LDAP was defined by the IETF in order to encourage adoption of X.500 directories.  (LDAP (Lightweight Directory Access Protocol) A protocol used to access a directory listing. LDAP support is implemented in Web browsers and e-mail programs, which can query an LDAP-compliant directory. ). XACML 2.0 profiles also provide integration and hierarchical resources for the Security Assertion Markup Language (SAML (Security Assertion Markup Language) An XML-based format from OASIS for exchanging security information for single sign-on. The "assertions" are statements from a SAML authority that authenticate a user, confirm some attribute about the individual and grant or ) OASIS Standard.

"XACML is designed to standardize the use of declarative policy to control access to resources, which can reduce costs while increasing security," said Hal Lockhart, co-chair of the OASIS XACML Technical Committee. "XACML 2.0 can be of particular interest to those deploying SAML, looking for a practical way to implement RBAC or protecting hierarchical resources, such as portions of XML XML
 in full Extensible Markup Language.

Markup language developed to be a simplified and more structural version of SGML. It incorporates features of HTML (e.g., hypertext linking), but is designed to overcome some of HTML's limitations.  documents."

Before becoming an OASIS Standard, XACML v2.0 first completed an extensive public review and was approved by the OASIS XACML Technical Committee. Then, the specification demonstrated its readiness through multiple implementations, after which XACML was reviewed and approved by the OASIS membership as a whole.

"The approval of XACML 2.0 as an OASIS Standard builds on a solid base of XACML implementations by major international companies, start-ups, and open source providers," noted Patrick Gannon, president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board.  of OASIS. "Increasingly, XACML is being recognized as an integral part of enterprise security frameworks. Our congratulations go to the members of the OASIS XACML Technical Committee for their hard work in advancing this standard."

XACML is part of the growing portfolio of OASIS Standards for security, which also includes the Application Vulnerability Description Language (AVDL AVDL Application Vulnerability Description Language ), SAML, Service Provisioning Markup Language (SPML SPML - server-parsed HTML ), WS-Security, and XML Common Biometric Format (XCBF XCBF XML Common Biometric Format ). OASIS members also advance specifications such as Digital Signature Services The introduction to this article provides insufficient context for those unfamiliar with the subject matter.
Please help [ improve the introduction] to meet Wikipedia's layout standards. You can discuss the issue on the talk page.  (DSS) and Public Key Infrastructure (PKI).

XACML v2.0 was developed by members of the OASIS XACML Technical Committee, which includes representatives of BEA Systems, Booz Allen Hamilton, Computer Associates, Entrust, Gluecode Software, IBM, Sun Microsystems, and others. Participation remains open to all, and suppliers, end-users and system integrators are invited to join OASIS to advance the continued development and the adoption of XACML. OASIS hosts an open mail list for public comment and the xacml-dev mailing list for exchanging information on implementing the standard.

Industry Support for XACML OASIS Standard

BEA Systems

"BEA realizes the importance of a portable description for security policy and the significant benefit it can bring to customers. As a result, BEA supports the release of the XACML 2.0 specification as an OASIS standard and is working to incorporate support for the standard in future releases of BEA's product family," said Paul Patrick, Chief Security Architect, BEA Systems.

Cordance

"By taking the industry standard for policy-based access control to a new level, XACML 2.0 provides even more incentive for enterprises to adopt XML-based resource management infrastructure. The OASIS XRI (Extensible Resource Identifier eXtensible Resource Identifier (abbreviated XRI) is a scheme and resolution protocol for abstract identifiers compatible with Uniform Resource Identifiers and Internationalized Resource Identifiers, developed by the XRI Technical Committee at OASIS. ) and XDI (XRI Data Interchange) Technical Committees look forward to providing other key pieces of this infrastructure that will leverage the power of XACML 2.0," said Drummond Reed, CTO of Cordance Corporation and co-chair, OASIS XRI and XDI Technical Committees.

DataPower

"XACML finally enables organizations to move access control policy out of custom spaghetti code and into an interoperable, declarative XML form," said Eugene Kuznetsov, CTO, founder and chairman of DataPower. "Whether driven by new security threats, regulatory mandates or Web services, there is a growing need for fine-grained authorization for heterogeneous systems."

Gluecode Software

"We are pleased to contribute to the advancement of the XACML 2.0 standard," said Bill Parducci, security architect for Gluecode Software. "As an open source infrastructure company, participation in these standardization efforts allows us to deliver leading-edge solutions to our customers. We look forward to incorporating XACML 2.0 in our products to facilitate integration with an enterprise's central security policies."

Nokia

"Nokia applauds the accomplishment of the OASIS XACML Technical Committee in producing the XACML v2.0 open standard," said Frederick Hirsch, Senior Architect at Nokia. "Having an open and standard means of expressing and resolving authorization and entitlement policies will aid in building secure systems. Nokia is working to use such open standards to enhance the capabilities of its mobile platforms."

Sun Microsystems

"XACML is an important piece of technology for enabling access control for web services and part of the broader solution in providing a policy and security framework for web services," said Ed Julson, director of engineering for Web Technologies & Standards at Sun Microsystems. "Sun's active participation in the development of OASIS XACML 2.0 and our open source implementation of XACML are further evidence of our commitment to open standards and the interoperability benefits they bring to customers."

Additional Information:

OASIS XACML Technical Committee:

http://www.oasis-open.org/committees/xacml

Cover Pages Technology Report:

http://xml.coverpages.org/xacml.html

About OASIS:

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. The consortium produces open standards for Web services, security, e-business, and standardization efforts in the public sector and for application-specific markets. Founded in 1993, OASIS has more than 4,000 participants representing over 600 organizations and individual members in 100 countries. Approved OASIS Standards include AVDL, CAP, DocBook, DSML (Directory Services Markup Language) A set of XML tags that defines the contents of a directory. Developed by Bowstreet, Inc., Tewksbury, MA (www.bowstreet. , ebXML, SAML, SPML, UBL, UDDI (Universal Description, Discovery and Integration) An industry initiative for a universal business registry (catalog) of Web services turned over to the stewardship of OASIS in 2002 as the version 3 specification of UDDI was released. , WS-Reliability, WSRP WSRP Web Services for Remote Portlets
WSRP Washington State Republican Party
WSRP Web Services for Remote Portals (less common)
WSRP West Semitic Research Project
WSRP Women's Studies in Religion Program , WSS, XACML, and XCBF. http://www.oasis-open.org
COPYRIGHT 2005 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2005, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

 Reader Opinion

Title:

Comment:



 

Article Details
Printer friendly Cite/link Email Feedback
Publication:Business Wire
Date:Mar 2, 2005
Words:1012
Previous Article:ACS Holdings, Inc. Announces Debt Restructuring and Files Form 8K.
Next Article:LIGHTCONNECT Celebrates Shipment of 40,000th VOA, Completes Industry Smallest VOA Qualification.



Related Articles
Free JSAML toolkit. (Software Tools).
XACML Access Control Markup Language Ratified as OASIS Open Standard; Universal Language for Authorization Policy Enables Secure Web Services.
Security Assertion Markup Language: the key to federated security services. (Internet).
Systems integration. (Technology Tools).(XML Global Technologies Inc.,)(Altova Inc.)(world's largest XML development tool)(Brief Article)
Common Alerting Protocol - CAP - Ratified as OASIS Standard.
OASIS oBIX Technical Committee Forms to Advance Web Services Standard for Building Management Industry.
OASIS Federated Identity Lab Demonstrates SAML 2.0 Interoperability for GSA E-Gov's E-Authentication Initiative.
Members Approve Security Assertion Markup Language - SAML - v2.0 as OASIS Standard.
Members Approve Election Markup Language (EML) as OASIS Standard.
Service Provisioning Markup Language (SPML) v2.0 Ratified as OASIS Standard.

Terms of use | Copyright © 2009 Farlex, Inc. | Feedback | For webmasters | Submit articles