The XACML Specifications, recently submitted to OASIS, contain information about an XML-based authorization control framework. There are also several articles at NIST about RBAC. For my own personal project and information, I would be very interested in learning your views on integrating the two should this be the direction of your integration effort.

XACML: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml
RBAC at NIST: http://csrc.nist.gov/rbac/

Cheers,
N2--
Anh Thu Vo
Stephen Eaton wrote:
I too am looking down this path. I have only briefly looked at somehow integrating the current Turbine security model into AXIS, as my web app uses both Turbine and AXIS.

Stephen...

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, 10 June 2003 10:24 PM
To: [EMAIL PROTECTED]
Subject: AXIS and RBAC

Dear AXIS List,

I'm working on developing an RBAC (Role Based Access Control) system to protect our Asset Management resources. Currently, I have a PermissionsHandler which sets the permissions necessary to perform a given operation. This information is then set in the MessageContext and is referenced by the AuthorizationHandler.

Now it occurs to me that it would be a lot more flexible (not to mention writing less code on my end) to specify this permission in an XML file, which could then be referenced by a generic PermissionsHandler instead of having a separate PermissionsHandler for each service.

Before I head down this road, I thought I would check to see if this was something that had been tackled already. I didn't see anything in either the WSDD schema or the WSDL specification, but it's possible I could have missed something.

Thanx,
Ian

Ian D. Stewart
Open Systems Engineer II
Enterprise Midrange - Bank One Infrastructure & Operations
[EMAIL PROTECTED]
(614) 213-6100
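
The XML-driven permission lookup proposed in the original message can be illustrated as follows. This is an added example, not code from the thread or from AXIS: the policy format, the class `PermissionPolicy` and its method names are assumptions, and it uses only the JDK, so the handlers that would call it are left out.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;
// Hypothetical policy store a generic PermissionsHandler/AuthorizationHandler pair could share.
public class PermissionPolicy {
    private final Map<String, String> required = new HashMap<>();      // "service#operation" -> permission
    private final Map<String, Set<String>> granted = new HashMap<>();  // role -> permissions
    public PermissionPolicy(byte[] xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        // The policy decides access, so parse it strictly: no DTDs, hence no external entities.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document d = f.newDocumentBuilder().parse(new ByteArrayInputStream(xml));
        NodeList ops = d.getElementsByTagName("operation");
        for (int i = 0; i < ops.getLength(); i++) {
            Element op = (Element) ops.item(i), svc = (Element) op.getParentNode();
            required.put(svc.getAttribute("name") + "#" + op.getAttribute("name"), op.getAttribute("permission"));
        }
        NodeList grants = d.getElementsByTagName("grant");
        for (int i = 0; i < grants.getLength(); i++) {
            Element g = (Element) grants.item(i), role = (Element) g.getParentNode();
            granted.computeIfAbsent(role.getAttribute("name"), k -> new HashSet<>()).add(g.getAttribute("permission"));
        }
    }

    // Lookup the generic PermissionsHandler would do; null means the operation is not in the policy.
    public String requiredPermission(String service, String operation) {
        return required.get(service + "#" + operation);
    }

    // Decision the AuthorizationHandler would make; unmapped operations are denied, not allowed.
    public boolean isAllowed(Collection<String> roles, String service, String operation) {
        String need = requiredPermission(service, operation);
        if (need == null || need.isEmpty()) return false;
        for (String r : roles)
            if (granted.getOrDefault(r, Collections.emptySet()).contains(need)) return true;
        return false;
    }

    public static void main(String[] args) throws Exception {
        String xml = "<policy><service name='AssetService'>"   // constructed sample policy
            + "<operation name='getAsset' permission='asset.read'/>"
            + "<operation name='deleteAsset' permission='asset.delete'/></service>"
            + "<role name='auditor'><grant permission='asset.read'/></role></policy>";
        PermissionPolicy p = new PermissionPolicy(xml.getBytes(StandardCharsets.UTF_8));
        for (String op : new String[] {"getAsset", "deleteAsset", "purgeAssets"})
            System.out.println(op + " -> " + p.isAllowed(Arrays.asList("auditor"), "AssetService", op));
    }
}
```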