OASIS eXtensible Access Control Markup Language (XACML) TC

Join TC     TC Page     Send a comment to this TC

Representing and evaluating access control policies.

Hal Lochhart, harold.w.lochhart@gmail.com, Chair
Bill Parducci, Chair
Rich Levinson, rich.levinson@oracle.com, Secretary

Table of Contents

 

Announcements

We are pleased to announce the publication of XACML REST Profile Version 1.1 and JSON Profile of XACML 3.0 Version 1.1 as OASIS Standards. Pdf versions are available at the following links: XACML REST Profile: https://docs.oasis-open.org/xacml/xacml-rest/v1.1/os/xacml-rest-v1.1-os.pdf JSON Profile of XACML 3.0: https://docs.oasis-open.org/xacml/xacml-json-http/v1.1/os/xacml-json-http-v1.1-os.pdf

We are pleased to announce the publication of eXtensible Access Control Markup Language (XACML) Version 3.0 Plus Errata 01 OASIS Standard incorporating Approved Errata. A pdf version is available at the following link: eXtensible Access Control Markup Language (XACML) Version 3.0 Plus Errata 01 OASIS Standard incorporating Approved Errata 12 July 2017 Further info is below in the XACML 3.0 section.

We are pleased to announce the publication of eXtensible Access Control Markup Language (XACML) Version 3.0 OASIS Standard. A pdf version is available at the following link: eXtensible Access Control Markup Language (XACML) Version 3.0 OASIS Standard 22 January 2013 Further info is below in the XACML 3.0 section.

XACML 3.0 received the Influential Standardization Efforts Award at the European Identity Conference in Munich, May 2011.

 

Overview

The XACML Technical Committee defines a core XML schema for representingauthorization and entitlement policies.

For more information, see the TC Charter, FAQ, and "A Brief Introduction to XACML".

 

Technical Work Produced by the Committee

 

XACML 3.0 and other Work in progress:

The following committee specification, working drafts, and submissions represent XACML TC work in progress.

Note: except where otherwise noted, the links in the following list each point to the pdf versions of the spec (html and doc or other formats are ref'd on cover page within each pdf) and any associated xsd files or other related artifacts:

  • XACML Data Loss Prevention / Network Access Control (DLP/NAC) Profile Version 1.0 Committee Specification 01 / 16 February 2015

Other XACML 3.0 proposed features - currently not considered ready and not planned to be included in 3.0 release

XACML 2.0 Profiles currently under review for inclusion in XACML 2.0 (3.0 tbd)

 

XACML 2.0 Specification Set: XACML 2.0 Core and seven associated profiles were approved as OASIS Standards on 1 February 2005. An eighth profile, XSPA Profile of XACML 2.0 for Healthcare was approved as OASIS Standard on 1 November 2009

XACML 2.0 Errata: These are non-normative documents that contain TC-approved corrections for errors found in the specifications above.

 

XACML 1.1 Specification Set:

 

XACML 1.0 Specification Set:

 

The following work items are not currently on a standards track

The following work items are not currently under active development or discussion, but have not officially been withdrawn.

 

Expository Work Produced by the Committee

 

TC Tools and Approved Publications

 

External Resources

Although not produced by the OASIS XACML TC, the following information offers useful insights into its work:

 

Mailing Lists and Comments

xacml: the list used by TC members to conduct Committee work. TC membership required to post. TC members are automatically subscribed; the public may view archives.*

xacml-comment: a public mail list for providing input to the OASIS XACML Technical Committee members. Send a comment or view archives.*

xacml-dev: an unmoderated, public mail list that provides an open forum for developers of XACML policy evaluation engine implementations or supporting components and tools to exchange ideas and information on implementing the XACML OASIS Standard. Subscribe or view archives.*

xacml-users: an unmoderated, public mail list that provides an open forum for users of XACML to exchange ideas and information on expressing policies using the XACML OASIS language. Subscribe or view archives.*

xacml-demo-tech: a mailing list restricted to XACML TC members interested in technical aspects of an interoperability demo; archives are also limited to TC members. Subscribe or view archives.*

xacml-demo-mktg: a mailing list restricted to XACML TC members interested in marketing aspects of an interoperability demo; archives are also limited to TC members. Subscribe or view archives.*

*To minimize spam, you must subscribe to these lists before posting.

 

Available XACML Implementations

It is known that various developers have implemented XACML code andXACML support tools; some of these implementations are publiclyavailable for download. The following are listed here solely for theinformation of parties interested in XACML. By including these links,neither the XACML TC, nor OASIS itself, is endorsing or recommendingthese implementations in any way. This list may be modified at any timeas further information about these or other implementations becomesknown.

 

Providing Feedback: OASIS welcomes feedback on its technical activities from potential users, developers, and others to better assure the interoperability and quality of OASIS work.