Description
This is the second draft of the XACML MAP Authorization Profile. The following updates have been made:
Updated to reflect changes in the TNC MAP Content Authorization v31 specification.
Added figure 2
Added definitions to Glossary,
Added Non-Normative Reference
Added subject task attribute
Added attribute examples
Removed resource delete-metadata-by-other-client attribute
Added resource purge-own-metadata attribute
The XACML MAP Authorization Profile is the result of the collaboration between the TCG TNC MAP working group and the OASIS XACML technical committee.
The TNC MAP provides access control to metadata and constrains which operations an IF-MAP client can perform. The TNC MAP authorization model defines the use of an XACML Policy Decision Point (PDP) when making MAP access control decisions. This profile describes attributes for such decisions between the MAP server and the XACML PDP.
