What does the OASIS XACML Technical Committee do?
The OASIS XACML TC focuses on the development of a standard access control policy language. “XACML” stands for “eXtensible Access Control Markup Language”. The full charter is at http://www.oasis-open.org/committees/xacml/charter.php. • What is the need for such a standard? Currently, there are many proprietary or application-specific access control policy languages. This means policies cannot be shared across different applications, and provides little incentive to develop good policy composition and auditing tools. Many of the existing languages do not support distributed policies, are not extensible, or are not expressive enough to meet new requirements. XACML enables the use of arbitrary attributes in policies, role-based access control, security labels, time/date-based policies, indexable policies, “deny” policies, and dynamic policies–all without requiring changes to the applications that use XACML. Adoption of XACML across vendor and product platforms provides the opportunity f
