XACML 2.0 implementation for the NERC DataGrid
- XACML 2.0 implementation for CEDA (the Centre for Environmental Data Archival)
STFC, Rutherford Appleton Laboratory. This is follow on work from the NERC (Natural Environment Research Council) DataGrid 3 Project.
XACML (eXtensible Access Control Mark-up Language), is an XML based language for expressing access control policies.
Only the parts of the specification immediately required for CEDA have been implemented in this initial release: Policy Decision Point; Deny overrides and Permit overrides rule combining algorithms; AttributeDesignators; various function types: see ndg.xacml.core.functions; and attribute types: see ndg.xacml.core.attribute; incomplete support for <AttributeSelector>s, <VariableReference>, <VariableDefinition>. <Obligations>; includes an ElementTree based parser for Policies. No support for writing out policies or read/write of XML representation of <Request> and <Response>;
See ndg.xacml.test for unit tests and examples.
The software follows a modular structure to allow it to be extended easily to include new parsers, functions and attribute types
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.