What is XACML ?

XACML (Extensible Access Control Markup Language) is an open standard XML-based language designed to express security policies and access rights to information for Web services, digital rights management (DRM), and enterprise security applications. Ratified by the Organization for the Advancement of Structured Information Standards (OASIS) in February 2003, XACML was developed to standardize access control through XML so that, for example, a worker can access several affiliated Web sites with a single logon. XACML is sometimes referred to as Extensible Access Control Language (XACL).

XACML was designed to work in conjunction with Security Assertion Markup Language (SAML), another OASIS standard. SAML defines a means of sharing authorization information, such as user passwords and security clearance, between security systems. A rules engine (a program that examines established rules and suggests behaviors that comply with them) with policies expressed in XACML can compare such information with established criteria to ascertain user rights. The XACML specifications were developed through a collaborative effort of OASIS members including IBM, Sun Microsystems, and Entrust.

Advertisements

About Applied Information Security (AIS) LAB

The KTH-SEECS Applied Information Security (AIS) Lab conducts research concentrated on cyber threats and countermeasures, Cloud Computing Security, security in distributed systems, Secure Group Communications and Secure Object Oriented Databases. We welcome industry and academia to contribute in designing and developing solutions to better meet today's demanding security requirements.
This entry was posted in Access Control. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s