XACML and the Cloud
Download
Report
Transcript XACML and the Cloud
XACML and the Cloud
What is XACML?
XML language for access control
Coarse or fine-grained
Extremely powerful evaluation logic
Ability to use any available information
Superset of Permissions, ACLs, RBAC, etc
Scales from PDA to Internet
Federated policy administration
OASIS and ITU-T Standard
XACML Cloud Features
Powerful language features
Federated Administration
Combining algorithms resolve conflicts
Administrative Policies
Capture complex business relationships
Policies managed by providers, customers, end
users
Global identifiers prevent name conflicts
Domain-specific Profiles
Healthcare, Intellectual property, Privacy
XACML Enables Efficient
Cloud Implementations
Stateless Server
Choice of imbedded or server-based PDP
Max performance or Access Control Service
Specification permits optimizations
Order of evaluation
Caching of Attributes
Caching of decisions or partial evaluations