XACML Standards Showcase at RSA Conference 2012
By B Shashikumar on Jan 18, 2012
External Authorization does for authorization what Single Sign-On solutions did for authentication many years ago. Externalizing authorization policies from applications not only centralizes authorization policy enforcement but also standardizes how authorization policies are written and enforced by applications. Just like SQL standardized the query language for databases, XACML or eXtensible Access Control Markup Language standardizes attribute based access control policies for applications. XACML 3 is the latest revision of this standard that facilitates extremely flexible expressions for access control.
Oracle Entitlements Server is our external authorization solution that supports a broad range of authorization standards giving our customers plenty of choices and flexibility for deployment. Kuppinger Cole recently released a paper describing how organizations can "future proof" their enterprise security by deploying Oracle Entitlements Server. By taking a declarative security approach, security policy can be flexible and distributed across multiple applications consistently. You can get a copy of the report here.
At this year's RSA Conference, the OASIS group will be organizing an interop showcase for XACML 3. Members of OASIS including Oracle will be onhand to showcase the features of the XACML Intellectual Property Control Profile. Stop by Booth #129 at RSA to learn all about the latest in XACML.