E-business standards group OASIS has approved the Extensible Access Control Markup Language (XACML) version 2.0, a key standard for access control policies.
Fostered by OASIS members such as IBM , Sun Microsystems
, BEA Systems
and Computer Associates
, XACML is a crucial security component that grants or denies access to applications. At a higher level, it also allows programmers to create the rules that make authorization decisions possible.
“XACML finally enables organizations to move access control policy out of custom spaghetti code and into an interoperable,
declarative XML form,” said Eugene Kuznetsov, CTO, founder and chairman of DataPower, an OASIS member. “Whether driven by new security threats, regulatory mandates or Web services, there is a growing need for fine-grained authorization for heterogeneous systems.”
Thoroughly tested by the OASIS XACML technical committee, XACML 2.0 is part
XACML 2.0 features integration for the OASIS Security Assertion Markup Language (SAML) standards, as well as new profiles for Role Based Access Control (RBAC)
The new security standard is designed to complement SAML
XACML 2.0 comes more than two years after the ratification of the first version. But the promise of such security policies has grown greatly, underscored by a flurry of activity concerning distributed computing systems.
XACML, SAML and Liberty protocols have become cornerstones of the adoption of service-oriented architectures (SOA)
BEA, Sun, and DataPower, all of which provide infrastructure products to support Web services, are among the companies that said they would support XACML in products going forward.
of the growing OASIS security standard portfolio, which also includes SAML,
Application Vulnerability Description Language (AVDL), Service Provisioning
Markup Language (SPML), WS-Security, and XML Common Biometric Format (XCBF).