新书推介:《语义网技术体系》
作者:瞿裕忠,胡伟,程龚
   >>中国XML论坛<<     W3CHINA.ORG讨论区     计算机科学论坛     SOAChina论坛     Blog     开放翻译计划     新浪微博  
 
  • 首页
  • 登录
  • 注册
  • 软件下载
  • 资料下载
  • 核心成员
  • 帮助
  •   Add to Google

    >> 最新的技术动态
    [返回] 中文XML论坛 - 专业的XML技术讨论区休息区『 最新动态 & 业界新闻 』 → Vendors Showcase Access Control Standard in a Web Server Environment 查看新帖用户列表

      发表一个新主题  发表一个新投票  回复主题  (订阅本版) 您是本帖的第 4605 个阅读者浏览上一篇主题  刷新本主题   树形显示贴子 浏览下一篇主题
     * 贴子主题: Vendors Showcase Access Control Standard in a Web Server Environment 举报  打印  推荐  IE收藏夹 
       本主题类别:     
     菜籽 帅哥哟,离线,有人找我吗?双鱼座1981-2-28
      
      
      威望:5
      头衔:软件民工
      等级:研二(Sowa的知识表示写得真好!)
      文章:875
      积分:5655
      门派:XML.ORG.CN
      注册:2004/7/25

    姓名:(无权查看)
    城市:(无权查看)
    院校:(无权查看)
    给菜籽发送一个短消息 把菜籽加入好友 查看菜籽的个人资料 搜索菜籽在『 最新动态 & 业界新闻 』的所有贴子 点击这里发送电邮给菜籽 引用回复这个贴子 回复这个贴子 查看菜籽的博客楼主
    发贴心情 Vendors Showcase Access Control Standard in a Web Server Environment

    BEA Systems, CA, IBM, Jericho Systems, Oracle, Red Hat, Securent and Others
    Showcase Access Control Standard in a Web Server Environment

    San Francisco, CA, USA; 28 June 2007 -- At Burton Group's Catalyst Conference
    today, eight companies will join together for the first time to demonstrate
    interoperability of the eXtensible Access Control Markup Language (XACML)  2.0
    OASIS Standard. An extremely flexible language for expressing access control,
    XACML is particularly designed to support large-scale environments where
    resources are distributed and policy administration is federated. XACML 2.0 is
    also ITU/T Recommendation X.1142.

    "Access control is a requirement of almost every application," said Dan Blum,
    senior vice president and research director of the Burton Group. "XACML goes
    beyond simply denying or granting information access, it defines the mechanism
    for creating the rules and policy sets that enable meaningful authorization
    decisions."

    The Catalyst demonstration will include two scenarios. In the first, different
    implementations exchange XACML policies that control access for a variety of
    Web server addresses. This demonstrates the ability of different
    implementations to understand the language defined by XACML.

    In the second scenario, authorization decisions are enforced by applications
    based on interaction with an external policy decision point. Both the
    application and the policy decision point can be independently implemented, and
    communication between them will use the XACML Security Assertion Markup
    Language (SAML) Authorization Decision Request Protocol. This shows how
    components such as services, applications and containers are able to defer to a
    centrally managed authorization service when making authorization decisions.

    "XACML attributes are extensible, so that information specific to particular
    industry segments or verticals can be encoded in policy rules and communicated
    to and from applications," explained Hal Lockhart of BEA Systems, co-chair of
    the OASIS XACML Technical Committee. "XACML also recognizes that attribute
    values may originate at the point of enforcement or from databases found
    elsewhere and supports flexible deployment architectures."

    Support for XACML

    BEA Systems
    "The XACML OASIS InterOp demo illustrates that BEA AquaLogic Enterprise
    Security is designed to support the latest version of the XACML standard
    required by today's enterprises to manage and enforce access control policy
    across a diverse SOA ecosystem in a simple and flexible way," said Geoff
    Charron, VP & Unit Executive.

    CA
    "CA supports the industry's collaborative efforts to create interoperability
    standards that facilitate implementation of secure access control policies
    across federated, multi-enterprise, multi-vendor
    infrastructure. We will continue to support XACML in our Identity and Access
    Management solutions so that our customers can take full advantage of this
    interoperability," said Andy Rappaport, architect for identity and access
    management, CA.

    IBM
    "This InterOp session comes at a time when our customers are seeing a
    significant missing link with XACML and interoperability. OASIS is taking an
    excellent step in the right direction by assembling this industry leader group
    to help promote interoperability between the various vendors that support
    XACML," said Anthony Nadalin, IBM Distinguished Engineer and chief security
    architect for IBM Tivoli Software.

    Jericho Systems
    "Jericho Systems is incredibly excited about the group of eight vendors that
    have come together to advance the state of the privilege management and
    entitlement management segment of the security industry.  We believe the XACML
    InterOp will positively demonstrate the power of open standards-based
    interfaces and lead towards more vendors supporting XACML-enabled policy
    enforcement points (PEPs) for externalized security decisioning," said Brendon
    Unland, President & Founder of Jericho Systems.

    Red Hat
    "Access control is a complex space in comparison to authentication. Enterprise
    customers and software products have made attempts at solving authorization use
    cases via proprietary access control lists or such mechanisms. Role Based
    Access Control (RBAC) has proven insufficient in many cases. XACML is an
    industry standards effort at bringing sanity to the growing needs of access
    control. XACML provides mechanisms to define policies and make decisions based
    on a combination of subject (user in the simple case), resources (that need
    access control), actions and
    optionally environmental factors like date-time etc. Adopters of XACML are free
    to provide custom attributes that can affect the final access control decision.
    Interoperability events for XACML will aid in providing confidence in
    implementations to adopters," said Anil Saldhana, Project/Technical Lead, JBoss
    Security and Identity Management, Red Hat Inc.

    Oracle
    "XACML 2.0 provides a sophisticated model for authorization that can represent
    complex policies required by enterprise-scale applications and administrators.
    Through Oracle's support of XACML and participation in the OASIS InterOp event,
    our customers gain a real-world example of how the power of the XACML
    authorization model can enable the benefits of reduced costs and improved
    manageability," said Prateek Mishra, director, Security Standards, Oracle.

    Securent
    "Securent was founded for the purpose of providing fine-grained access control
    for distributed enterprise applications and data. We were one of the earliest
    adopters of XACML, and have leveraged it in Securent's Entitlement Management
    Solution to demonstrate real-world applicability of XACML in addressing access
    control needs at the application and data levels at some of the largest
    enterprises in the world.  The traction the standard is getting, including all
    of the new-found interest and interoperability work, is clear validation of our
    strategic decision to build our entitlement management product around the
    powerful XACML standard," said Rajiv Gupta, Securent CEO.  


    Additional information:

    XACML 2.0 OASIS Standard
    http://www.oasis-open.org/specs/index.php#xacmlv2.0

    OASIS XACML Technical Committee
    http://www.oasis-open.org/committees/xacml/

    XACML FAQ
    http://www.oasis-open.org/committees/xacml/faq.php


    About OASIS:

    OASIS (Organization for the Advancement of Structured Information Standards) is
    a not-for-profit consortium that drives the development, convergence, and
    adoption of open standards for the global information society. Members
    themselves set the OASIS technical agenda, using a lightweight, open process
    expressly designed to promote industry consensus and unite disparate efforts.
    The consortium produces open standards for Web services, security, e-business,
    and standardization efforts in the public sector and for application-specific
    markets. Founded in 1993, OASIS has more than 5,000 participants representing
    over 600 organizations and individual members in 100 countries.
    http://www.oasis-open.org


    Press contact:
    Carol Geyer
    OASIS Director of Communications
    carol.geyer@oasis-open.org
    +1.978.667.5115 x209 (office)
    +1.941.284.0403 (mobile)


    ---------------------------------------------------------------------
    To unsubscribe, e-mail: announce-unsubscribe@lists.oasis-open.org
    For additional commands, e-mail: announce-help@lists.oasis-open.org


       收藏   分享  
    顶(0)
      




    ----------------------------------------------
    重拾英语...

    点击查看用户来源及管理<br>发贴IP:*.*.*.* 2007/6/29 23:15:00
     
     GoogleAdSense双鱼座1981-2-28
      
      
      等级:大一新生
      文章:1
      积分:50
      门派:无门无派
      院校:未填写
      注册:2007-01-01
    给Google AdSense发送一个短消息 把Google AdSense加入好友 查看Google AdSense的个人资料 搜索Google AdSense在『 最新动态 & 业界新闻 』的所有贴子 点击这里发送电邮给Google AdSense 访问Google AdSense的主页 引用回复这个贴子 回复这个贴子 查看Google AdSense的博客广告
    2024/12/12 13:33:11

    本主题贴数1,分页: [1]

    管理选项修改tag | 锁定 | 解锁 | 提升 | 删除 | 移动 | 固顶 | 总固顶 | 奖励 | 惩罚 | 发布公告
    W3C Contributing Supporter! W 3 C h i n a ( since 2003 ) 旗 下 站 点
    苏ICP备05006046号《全国人大常委会关于维护互联网安全的决定》《计算机信息网络国际联网安全保护管理办法》
    78.125ms