The interest in policy specification languages is increasing thanks to the proliferation of authorization solutions that need to define their resource access policies by means of them. These solutions define their own policy syntax, usually based on XML, which involves the definition of non-interoperable policies and non-heterogeneous environments. XACML has been defined with that purpose and is getting more and more acceptance for those type of environments as a valid alternative to proprietary policies. In this paper, we present the definition of the whole policies set needed in an authorization scenario, specifically, the NAS-SAML, which defines a network access control service based on SAML and the AAA architecture. We present the XACML documents representing those policies and the entities involved in the their management life cycle.
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
Tel.: +1 703 830 6300
Fax: +1 703 830 2300 email@example.com
(Corporate matters and books only) IOS Press c/o Accucoms US, Inc.
For North America Sales and Customer Service
West Point Commons
Lansdale PA 19446
Tel.: +1 866 855 8967
Fax: +1 215 660 5042 firstname.lastname@example.org