Google Site Search


Sunday, February 10, 2008

Oasis XACML Interoperability Event at the RSA Conference 2008

Ok, after the successful interoperability event at the Burton Conference in 2007, it is time for the next Oasis XACML Interoperability Event. This time, it is at the RSA Conference in April 2008 in San Francisco.

What will be different this time?

This time the interoperability will target the health care industry. It is more like an effort from the experts from Oasis, HL7, ANSI and other standard bodies.

The eXtensible Access Control Markup Language (XACML) 2.0 OASIS Standard has emerged as a front runner in solving complex access control problems in the enterprise. Unlike the approach taken by proprietary access control lists (ACL), XACML is an industry accepted standard that provides a well defined structure to create rules and policy sets to make complex authorization decisions. Enterprise practitioners have wished for greater interoperability between products that support the XACML OASIS Standard.

At the RSA Conference 2008 in San Francisco, April 7-11, nine organizations will come together to demonstrate interoperability of the eXtensible Access Control Markup Language (XACML) 2.0 OASIS Standard. Simulating a real world scenario provided by the U.S Department of Veterans Affairs; the demo will show how XACML ensures successful authorization decision requests and the exchange of authorization policies. Participants include:

* Axiomatics
* BEA Systems
* Oracle
* Red Hat
* Cisco
* Sun Microsystems
* U.S. Department of Veterans Affairs

The Interoperability Demonstration will utilize the requirements drawn in the Healthcare industry based on work done at the U.S. Department of Veterans Affairs, HL7, ASTM and ANSI. The requirements include Role-Based Access Control (RBAC), Privacy Protections, Structured and Functional Roles, Consent Codes, Emergency Overrides and Filtering of Sensitive Data. The demonstration will highlight how XACML Obligations can provide additional capabilities in the policy decision making process, while taking the health care scenarios as example. Technical details of the demonstration, including Interoperability Configuration, Policy Decision Request and Policy Interoperability, Roles and Privileges Modeling, Usage of XACML Obligations and SAML Identity Providers will be highlighted.

The demonstration will occur in Booths 132-136 beginning April 7, 2008 during Expo hours. There will be an opportunity for the RSA 2008 attendees to interact with the participating technologists.

No comments: