A call for participation has been issued in connection with a new OASIS Technical Committee for the Extensible Access Control Markup Language (XACML). The purpose of the XACML TC is "to define a core schema and corresponding namespace for the expression of authorization policies in XML against objects that are themselves identified in XML. The schema will be capable of representing the functionality of most policy representation mechanisms available at the time of adoption. It is also intended that the schema be extensible in order to address that functionality not included, custom application requirements, or features not yet envisioned. Issues to be addressed include, but are not limited to: fine grained control, the nature of the requestor, the protocol over which the request is made, content introspection, the types of activities authorized. The initial list of deliverables includes a statement of scope; glossary; bibliography; use cases; detailed requirements; proposed standard; model examples for 'native' and non-native XML targets of control; reference implementations. To ensure work is not duplicated and standards adoption is as simple as possible, XACML shall adopt as baseline documents the work products of the OASIS Security Services TC."
From the announcement:
A new OASIS technical committee is being formed. The eXtensible Access Control Markup Language (XACML) Committee has been proposed by Simon Blackwell, PSoom; Ken Yagen, CrossLogix; Gilbert Pilz, Jamcracker; Michiharu Kudoh, IBM; Krishna Sankar, Cisco; Ernesto Damiani, individual member; Bill Parducci, individual member; Frank Chum, PSoom; Joe Pato, HP; Fred Moses, EntitleNet; and Meg Kistin Anzalone, EntitleNet.
Related Work: To ensure work is not duplicated and standards adoption is as simple as possible, XACML shall adopt as baseline documents the work products of the Security Services TC including but not limited to a Domain Model and Glossary. Furthermore, Use Cases and Requirements documents will share content that is common through normative references. The XACML TC shall keep its work consistent with the work of the Security Services TC by requesting enhancements to, modifications of, and cross-references from Security Services TC documents through a formal liaison with the Security Services TC. This liaison will include the regular sharing of deliverables and status reports during teleconferences or at face-to-face meetings.
- Announcement 2001-04-16: "OASIS TC Call for Participation: XACML."
- Press release 2001-04-24: "OASIS Forms Technical Committee to Standardize Security Access Control with XML. Interoperability Consortium to Develop XACML."
- XACML TC mailing list archive
- XACML Discussion mailing list archive
- XACML web page
- OASIS Technical Committee process
- Technical Committee Overview
- "Extensible Access Control Markup Language (XACML)" - Main reference page.
- "XML Access Control Language (XACL)" - Main reference page.