Access Control Languages
There is much standards work on access control languages and ways to communicate policy. The most often sited is Extensible Access Control Markup Language (XACML).34 XACML is both a policy encoding and an infrastructure for deploying access control decisions and enforcement. XACML can be used with any identity management system, although it is usually associated with SAML. There is no specific tie between SAML and XACML, although they do leverage much of the same infrastructure.
As a policy encoding language, XACML is powerful, made up of logic fundamentals that can be combined into any rules possible. The rules, however, need to invoke domain-specific vocabulary, such as for roles, permissions, object types, confidentiality ...
Get Healthcare Information Technology Exam Guide for CompTIA Healthcare IT Technician and HIT Pro Certifications now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
