Patterns for the eXtensible Access Control Markup Language
暂无分享,去创建一个
Web services are becoming the way for enterprises to interoperate. Many security standards for them have been developed; one of these is XACML (eXtensible Access Control Markup Language). XACML has been defined by OASIS and it includes a policy, an access decision language, and a specialized web services policy language. We present here three architectural patterns for XACML. The XACML Authorization pattern unifies the definition of authorization rules throughout an organization. WSPL is a specialization of XACML Authorization, intended to describe access control rules for web services. The XACML Access Control Evaluation pattern defines a request/response syntax for access control decisions.
[1] Ralph Johnson,et al. design patterns elements of reusable object oriented software , 2019 .
[2] Eduardo B. Fernandez,et al. A pattern language for security models , 2001 .
[3] Eduardo B. Fernández,et al. A Pattern System for Access Control , 2004, DBSec.