• Is it used from applications to web applications or web services to control access?
Again, XACML is well suited to decide if requests to a Web Server or Web Service should be allowed.
• Is it used from policy servers/stores to policy enforcement agents (or applications) to describe their policies (to be enforced)?
The SAML 2.0 Profile of XACML specifies a protocol by which a Policy Enforcement Point (PEP) may request that an XACML Policy Decision Point (PDP) determine if access is allowed under some set of conditions. It is considered undesirable for a PEP to have to be aware of the semantics of policy. There is a proposed enhancement for XACML 3.0 which would permit a PEP to supply additional policies with the request which would be combined with policies the PDP already has.
• Is it used from policy administration interfaces to policy stores to read/update/commit policies?
XACML 2.0 only specifies the syntax and semantics of access control policy. However, it would be completely straightforward to implement a CRUD interface based on the POSIX file system, WebDAV or