Description
Working draft for a 2.0 version of the XACML Profile for Role Based Access Control. It contains only the following changes from the 1.0 Committee Draft version:
1) RECOMMENDs use of the following URI as the "role" Attribute AttributeId: "urn:oasis:names:xacml:2.0:subject:role"
2) Changed examples to use this AttributeId
3) Changed DataType of "role" Attribute in examples to "anyURI", consistent with existing recommendations.
4) Clarified in various places in the text that a particular "role" is associated with a role Attribute with a specific role value, not just with an AttributeId.
5) Fixed examples to use XACML 2.0 syntax. Fixed references to values to include XACMl 1.0, 1.1, and 2.0 syntax.
6) Fixed the XML Internal Entity declaration example: it used "&xml;#string" rather than "&xml;string". The Internal Entity declaration includes the "#".
7) Changed references to "XACML" to include versions 1.0, 1.1, and 2.0.
8) Changed reference to the ANSI RBAC specification to include the identifier for it as a standard now that it has been approved by ANSI.