Cover Pages Logo SEARCH
Advanced Search
ABOUT
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors
NEWS
Cover Stories
Articles & Papers
Press Releases
CORE STANDARDS
XML
SGML
Schemas
XSL/XSLT/XPath
XLink
XML Query
CSS
SVG
TECHNOLOGY REPORTS
XML Applications
General Apps
Government Apps
Academic Apps
EVENTS
LIBRARY
Introductions
FAQs
Bibliography
Technology and Society
Semantics
Tech Topics
Software
Related Standards
Historic

Draft XACML Schema v10

<?xml version="1.0" encoding="UTF-8"?>
<xs:schema targetNamespace="http://www.oasis-open.org/committees/xacml/docs/draft-xacml-schema-policy-10.xsd" xmlns:saml="http://www.oasis-open.org/committees/security/docs/draft-sstc-schema-assertion-24.xsd" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xacml="http://www.oasis-open.org/committees/xacml/docs/draft-xacml-schema-policy-10.xsd" elementFormDefault="qualified" attributeFormDefault="unqualified">
	<xs:import namespace="http://www.oasis-open.org/committees/security/docs/draft-sstc-schema-assertion-24.xsd" schemaLocation="D:\My Documents\Standards\Xacml\v10 schema\draft-sstc-schema-assertion-24.xsd"/>
	<xs:element name="policyStatement" type="xacml:PolicyStatementType"/>
	<xs:element name="ruleStatement" type="xacml:RuleStatementType"/>
	<xs:complexType name="PolicyStatementType">
		<xs:complexContent>
			<xs:extension base="saml:StatementAbstractType">
				<xs:sequence>
					<xs:element name="comment" type="xs:string" minOccurs="0"/>
					<xs:element name="target" type="xacml:TargetType"/>
					<xs:element name="rule" type="xacml:RuleRefType" maxOccurs="unbounded"/>
				</xs:sequence>
				<xs:attribute name="policyId" type="xs:anyURI" use="required"/>
				<xs:attribute name="policyName" type="xs:string" use="optional"/>
				<xs:attribute name="metaPolicyRef" type="xs:anyURI" use="required"/>
			</xs:extension>
		</xs:complexContent>
	</xs:complexType>
	<xs:complexType name="RuleStatementType">
		<xs:complexContent>
			<xs:extension base="saml:StatementAbstractType">
				<xs:sequence>
					<xs:element name="comment" type="xs:string" minOccurs="0"/>
					<xs:element name="target" type="xacml:TargetType"/>
					<xs:element name="effect" type="xacml:EffectType"/>
					<xs:element name="condition" type="xacml:PredicateExpressionType" minOccurs="0"/>
				</xs:sequence>
				<xs:attribute name="ruleId" type="xs:anyURI" use="required"/>
				<xs:attribute name="ruleName" type="xs:string" use="optional"/>
				<xs:attribute name="metaPolicyRef" type="xs:anyURI" use="required"/>
			</xs:extension>
		</xs:complexContent>
	</xs:complexType>
	<xs:complexType name="TargetType">
		<xs:sequence>
			<xs:element name="subjects" type="xacml:SubjectsType"/>
			<xs:element name="resources" type="xacml:ResourcesType"/>
			<xs:element name="actions" type="xacml:ActionsType"/>
		</xs:sequence>
	</xs:complexType>
	<xs:complexType name="SubjectsType">
		<xs:sequence maxOccurs="unbounded">
			<xs:element ref="saml:Attribute"/>
		</xs:sequence>
	</xs:complexType>
	<xs:complexType name="ResourcesType">
		<xs:sequence maxOccurs="unbounded">
			<xs:element ref="saml:Attribute"/>
		</xs:sequence>
	</xs:complexType>
	<xs:complexType name="ActionsType">
		<xs:sequence>
			<xs:element ref="saml:Actions"/>
		</xs:sequence>
	</xs:complexType>
	<xs:simpleType name="EffectType">
		<xs:restriction base="xs:string">
			<xs:enumeration value="permitIf"/>
			<xs:enumeration value="permitOnlyIf"/>
			<xs:enumeration value="denyIf"/>
		</xs:restriction>
	</xs:simpleType>
	<xs:complexType name="PredicateExpressionType">
		<xs:choice>
			<xs:element ref="xacml:predicateExpression"/>
			<xs:element ref="xacml:predicate"/>
		</xs:choice>
	</xs:complexType>
	<xs:element name="predicateExpression" type="xacml:PredicateExpressionAbstractType" abstract="true"/>
	<xs:complexType name="PredicateExpressionAbstractType"/>
	<xs:element name="and" type="xacml:AndType" substitutionGroup="xacml:predicateExpression"/>
	<xs:element name="or" type="xacml:OrType" substitutionGroup="xacml:predicateExpression"/>
	<xs:element name="orderedOr" type="xacml:OrderedOrType" substitutionGroup="xacml:predicateExpression"/>
	<xs:element name="nOf" type="xacml:NOfType" substitutionGroup="xacml:predicateExpression"/>
	<xs:element name="not" type="xacml:NotType" substitutionGroup="xacml:predicateExpression"/>
	<xs:complexType name="AndType">
		<xs:sequence minOccurs="0" maxOccurs="unbounded">
			<xs:choice>
				<xs:element ref="xacml:predicateExpression"/>
				<xs:element ref="xacml:predicate"/>
			</xs:choice>
		</xs:sequence>
	</xs:complexType>
	<xs:complexType name="OrType">
		<xs:sequence minOccurs="0" maxOccurs="unbounded">
			<xs:choice>
				<xs:element ref="xacml:predicateExpression"/>
				<xs:element ref="xacml:predicate"/>
			</xs:choice>
		</xs:sequence>
	</xs:complexType>
	<xs:complexType name="OrderedOrType">
		<xs:sequence minOccurs="0" maxOccurs="unbounded">
			<xs:choice>
				<xs:element ref="xacml:predicateExpression"/>
				<xs:element ref="xacml:predicate"/>
			</xs:choice>
		</xs:sequence>
	</xs:complexType>
	<xs:complexType name="NOfType">
		<xs:sequence minOccurs="0" maxOccurs="unbounded">
			<xs:choice>
				<xs:element ref="xacml:predicateExpression"/>
				<xs:element ref="xacml:predicate"/>
			</xs:choice>
		</xs:sequence>
		<xs:attribute name="quorum" type="xs:positiveInteger"/>
	</xs:complexType>
	<xs:complexType name="NotType">
		<xs:choice>
			<xs:element ref="xacml:predicateExpression" minOccurs="0"/>
			<xs:element ref="xacml:predicate" minOccurs="0"/>
		</xs:choice>
	</xs:complexType>
	<xs:element name="predicate" type="xacml:PredicateAbstractType" abstract="true"/>
	<!--This is an XACML extensibility point.  New predicates may be added in the
		substitution group of "predicate"-->
	<xs:complexType name="PredicateAbstractType"/>
	<xs:element name="present" type="xacml:PresentType" substitutionGroup="xacml:predicate"/>
	<xs:element name="equal" type="xacml:CompareType" substitutionGroup="xacml:predicate"/>
	<xs:element name="greaterOrEqual" type="xacml:CompareType" substitutionGroup="xacml:predicate"/>
	<xs:element name="lessOrEqual" type="xacml:CompareType" substitutionGroup="xacml:predicate"/>
	<xs:element name="subset" type="xacml:CompareType" substitutionGroup="xacml:predicate"/>
	<xs:element name="superset" type="xacml:CompareType" substitutionGroup="xacml:predicate"/>
	<xs:element name="patternMatch" type="xacml:CompareType" substitutionGroup="xacml:predicate"/>
	<xs:element name="nonNullSetIntersection" type="xacml:CompareType" substitutionGroup="xacml:predicate"/>
	<xs:complexType name="PresentType">
		<xs:complexContent>
			<xs:extension base="xacml:PredicateAbstractType">
				<xs:sequence>
					<xs:element ref="saml:AttributeDesignator"/>
				</xs:sequence>
			</xs:extension>
		</xs:complexContent>
	</xs:complexType>
	<xs:complexType name="CompareType">
		<xs:complexContent>
			<xs:extension base="xacml:PredicateAbstractType">
				<xs:sequence>
					<xs:element ref="saml:AttributeDesignator"/>
					<xs:choice>
						<xs:element ref="saml:AttributeDesignator"/>
						<xs:element ref="saml:Attribute"/>
					</xs:choice>
				</xs:sequence>
			</xs:extension>
		</xs:complexContent>
		<!-- XML operands in "set" operations MUST be of type xs:list -->
		<!-- XML operands in "inequality" operations MUST contain an xsi:type attribute for which
	XACML defines a comparison algorithm -->
	</xs:complexType>
	<xs:complexType name="RuleRefType">
		<xs:attribute name="ruleID" type="xs:anyURI"/>
		<xs:attribute name="authority" type="xs:anyURI"/>
	</xs:complexType>
</xs:schema>

Prepared by Robin Cover for The XML Cover Pages archive.
Globe Image

Document URL: http://xml.coverpages.org/XACML-v010d-xsd.html