Understanding XML Access Control Markup Language - XACML
XACML is the Access Control Markup Language that is used to express the rules that are necessary for authentication and authorization. The vocabulary to express these rules is given by the access control markup language. These rules are used to make decisions regarding the authorization.
Wednesday, February 17th, 2021
A simple example of this could be the way the employees of a company can have access to the resources in the company. Not all the employees will have access to all the resources. The staff of the marketing department will have access to different resources whereas the HR department staff may access some other information. Getting email notification when some records are accessed is also possible.
There are many features of the XML Access Control Markup Language. This defines:
· The rules for expressing authorization
The XACML definitions are used for the subjects and the actions. Rules for the targets are defined in this markup language. The effects and the conditions are also defined in XML Access Control Markup Language. The targets that are defined in the XACML could be resources, subjects and actions that are defined in the Security Assertion Markup Language. The effect that is defined could be ‘allow’ or ‘deny’. The conditions defined in the XACML could be attributes and the predicates that are described in the XACML requirements.
An outline of the tags that defines the Rule found in the XACML document is given below. This gives the hierarchy in which the tags are present in the document.
<Rule RuleId="xxx" Effect="xxx">
As given in the above code the <Rule> tag consists of the child elements like the <Target> and the <Condition>. The <Target> tag has the <Subjects>, <Resources>, and <Actions> tags as its child elements. The <Subjects> tag defines the subjects, and the <Resources> tags define the resources. These have the attributes AttributeName and the AttributeNamespace.
If you look at the code snippets that are given below you would get an idea of how the Rules are framed. The following code snippet gives an example of the <Resources> tags.
Visit XML Training Material Guide Homepage