xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes of January 5 2006 XACML TC Meeting


Minutes of OASIS XACML TC Meeting
10am EST, 5 January 2006

Agenda:

I. Roll Call and Agenda Review

   ATTENDEES:
   Anne Anderson
   Abbie Barbir
   Argyn Kuketayev
   Hal Lockhart
   Anthony Nadalin
   Seth Proctor (minutes)
   Erik Rissanen
   Ron Williams

  Quorum achieved

II.  Minutes from December 8 meeting voted upon:
     Approved unanimously
     No objections

III. Anne's email on Separation of Duty

     Hal referenced an email from Anne

       http://lists.oasis-open.org/archives/xacml/200512/msg00008.html

     about RBAC and dynamic separation of duty. There was a brief
     discussion of how this highlights some of the hand-waving in the
     RBAC model, and the question of how users know when to activate
     specific roles. It was noted that separation of duty is usually
     implemented in the context of specific actions, but it's still
     hard to handle role activation unless you give all roles, which
     defeats the purpose of separation of duty.

     Anne mentioned that David Ferraiolo and Richard Kuhn are starting
     work on a second edition of their book "Role-Based Access Control",
     and now is a good time to send them comments or suggestions for
     material to cover (dferraiolo@nist.gov and kuhn@nist.gov).

IV.  Default Values

     Hal referenced an email thread that starts here:

       http://lists.oasis-open.org/archives/xacml/200512/msg00010.html

     This started with a posting to the comments list asking about    
     default values for XACML policies. Hal voiced support for defaults
     like these, and suggest that folks weigh in on the matter.

V.   Erik's latest draft

     Hal pointed out that Erik's latest draft has been available for
     a while and that there haven't been many comments. He urged people
     to read the draft.

VI.  Open tasks

     Argyn asked about Daniel's new Target schema, and Hal volunteered
     that he was supposed to write up details for access-allowed. There
     was no further discussion on these topics.

Meeting adjourned.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]