XACML Sample Clauses

XACML. According to [11], XACML intends to manage secure authorization and to connect authorised users to resources through formalised policy statements. It is XML-based and its web site [15] provides a detailed description of the intended use of the framework and its rules. XaCML has its logic described in [16]. Even though it is not a REL [11], it is still included in the literature, since it is a system to manage access to data. The basic model of XACML can be found in Figure 5. The Policy Enforcement Point (PEP) represents for example a filesystem or web server. The subject requests access to the PEP. Then the context handler creates a request based on the original access request from the subject. This request is then sent to the Policy Decision Point (PDP), which extracts the relevant policies from the Policy Administration Point (PAP) and it evaluates if the access request complies with the XACML policies. If the access request is in line with the policies then the subject gets access to the demanded data.