Changes between Version 15 and Version 16 of Internal/Rbac/OrbitRbacDesign/OasisRbac
- Timestamp:
- Sep 11, 2006, 7:01:12 PM (18 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Internal/Rbac/OrbitRbacDesign/OasisRbac
v15 v16 7 7 The policies specified in this profile assume all the roles for a given subject have already been enabled at the time an authorization decision is requested. They do not deal with an environment in which roles must be enabled dynamically based on the resource or actions a subject is attempting to perform. For this reason, the policies specified in this profile also do not deal with static or dynamic Separation of Duty (see 8 8 [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/ANSI+INCITS+359-2004.pdf ANSI-RBAC]]). A future profile may address the requirements of this type of environment. 9 10 The OASIS Technical Committee also produced the XACML Profile for Role Based Access [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/cd-xacml-rbac-profile-01.pdf OAS04]] and the OASIS eXtensible Access Control Markup Language (xacml) v2.0. T[[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/access_control-xacml-2.0-saml-profile-spec-os.pdf OAS05b]]. 9 11 10 12 Bacon and Moody promote RBAC using XML for open, secure, widely distributed services iin [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p59-bacon.pdf BM02a]], and Bacon, Moody, and Yao present a more in-depth preentation of OASIS Role-Based Access Control in [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p492-bacon.pdf BMY02]].