Databases Reference
In-Depth Information
<Request>
<Subject>
<Attribute AttributeId="
subject-id
" DataType="string">
<AttributeValue>
Robert
</AttributeValue> </Attribute>
<Attribute AttributeId="
role
" DataType="string">
<AttributeValue>
Reviewer
</AttributeValue>
</Attribute>
</Subject>
<Resource scope="EntireHierarchy">
<ResourceContent>
<rs:review summary xmlns:rs="urn:review summary:schema">
<rs:notificationDue>6/30/07</rs:notificationDue>
<rs:entry>
<rs:paper id="0120">XML Policy Model</rs:paper>
<rs:authorName>Carol</rs:authorName>
<rs:review><rs:reviewerName>Robert</rs:reviewerName>
<rs:rating>3.5</rs:rating>
</rs:review>
<rs:result status="final">Accept</rs:result>
</rs:entry>
</rs:review summary>
</ResourceContent>
<Attribute AttributeId="
resource-id
" DataType="xpath-expression">
<AttributeValue>
//rs:review summary/rs:entry[position()=1]
</AttributeValue>
</Attribute>
</Resource>
<Action>
<Attribute AttributeId="
action-id
" DataType="string">
<AttributeValue>
read
</AttributeValue>
</Attribute>
</Action>
</Request>
Fig. 6.
XACML Request Context Sample
<Response>
<Result>
<Decision>Deny</Decision>
</Result>
</Response>
Fig. 7.
XACML Response Context Sample
it implements its interface to grant access from callers. WS-Policy is critical
to achieve interoperability for the high-level functional operation of the Web
services.
Unlike XACL and XACML, WS-Policy defines a wrapper to hold one
or more policy assertions. The wrapper itself has limited semantics, leaving
the details to the policy assertions from various domains such as
security
,
privacy
,
application priority
,
user account priorities
,and
traffic
control
.
Some of these assertions specify traditional requirements and capabilities
that will ultimately be manifested on the wire (i.e., security, trac control).
