RE: XACML - Extensible Access Control Markup Language

Tom,

I assume from the attachment that you are referring to XrML.  I agree
wholeheartedly that XrML is a fine piece of work and it makes an
excellent contribution into the standards efforts now taking place.
One must remember, however, that XrML was devised according to one set
of requirements laid down before the current round of work being
undertaking by the various standards groups.  If, once the
requirements gathering exercises have been completed, XrML (or ODRL,
or any other existing proprietary standard) fits the bill 100% then it
would be crazy to do anything other than accept it as the final
standard.  What is more likely, is that new requirements will be found
that are not quite met by the existing proprietary standards and that
they will feed into a larger process of refinement.  At the same time,
the numerous standard bodies will no doubt be working to different
sets of requirements.  The trick will be to ensure that whatever they
do is compatible with all the other standards.  That's why we need
people working in a number of camps simultaneously.

Best regards,
/Dave.
_ ______________________________________________________________
Dr David J. Parrott (Chartered Engineer) Chief Technology Office
     Reuters Limited, 85 Fleet Street, London EC4P 4AJ, UK.
   Direct Line: +44 (0)20 7542 9830, Fax: +44 (0)20 7542 8314
       Email: David.Parrott@reuters.com, dparrott@acm.org



On 26/04/2001 01:51:20 Tom McMahon wrote:
> See attached.  These guys have already done an unbelievably good job at
> laying down the framework.  Why would anyone want to re-invent this
> wheel?
>
>
>
> -----Original Message-----
> From: David Parrott [mailto:David.Parrott@reuters.com]
> Sent: Wednesday, April 25, 2001 5:41 AM
> To: Paskin, Norman (DOI-ELS)
> Cc: www-drm@w3.org
> Subject: RE: XACML - Extensible Access Control Markup Language
>
>
>
>
> Norman,
>
> Absolutely agree.  I would further say that data dictionaries
> (/vocabularies)
> can themselves be layered.  No one data dictionary could hope to
> encapsulate all the rights and obligations requirements of all players
> both
> existing and to be defined in the future.  Therefore, the glue language
> should
> accommodate alternative and combined sources of vocabularies and,
> indeed,
> dynamically varying sources.  I would argue that there is intellectual
> property
> in certain vocabularies and others in which information resides that
> cannot be
> shared with the general community for legal reasons.  I look forward to
> open
> languages that take account of flexible data dictionary and vocabulary
> management.
>
> Given that I am at least trying to stay on top of several standards
> activities
> right
> now, I am more than happy to try to bridge wherever I can.  I would
> expect that
> I'm not the only one.  One thing is for sure: there'll be a lot of
> healthy
> debate on
> these topics over the coming months and, hopefully, a good degree of
> cross
> fertilisation.
>
> Best regards,
> /Dave.
>
> _ ______________________________________________________________
> Dr David J. Parrott (Chartered Engineer) Chief Technology Office
>      Reuters Limited, 85 Fleet Street, London EC4P 4AJ, UK.
>    Direct Line: +44 (0)20 7542 9830, Fax: +44 (0)20 7542 8314
>        Email: David.Parrott@reuters.com, dparrott@acm.org
>
>
>
>
>
> |--------+----------------------->
> |        |          "Paskin,     |
> |        |          Norman       |
> |        |          (DOI-ELS)"   |
> |        |          <n.paskin@doi|
> |        |          .org>        |
> |        |                       |
> |        |          25/04/2001   |
> |        |          10:14        |
> |        |                       |
> |--------+----------------------->
>
> >-----------------------------------------------------------------------
> ---|
>   |
> |
>   |       To:     David Parrott/LON/GB/Reuters@Reuters
> |
>   |       cc:     "'www-drm@w3.org'" <www-drm@w3.org>
> |
>   |       Subject:     RE: XACML - Extensible Access Control Markup
> Language |
>   |       Header:      Internal Use Only
> |
>
> >-----------------------------------------------------------------------
> ---|
>
>
>
>
>
>
> Dave: I absolutely agree with your stated fears.  Too many cooks spoil
> the
> broth and there is a whole cuisine school out there at present, with
> varying
> degrees of knowledge and ability.
>
> As I think you'll agree DRM isn't one thing.  It can certainly be broken
> down into some layers.  One such breakdown is into an underlying
> semantics
> (a data dictionary of terms); and a use of those terms in an application
> by
> means of an expression (a language).  That separation has been called
> "Rights Data Dictionary" and "Rights Expression Language" respectively
> in
> e.g. the recent MPEG-21 work., and was obvious in the W3C DRM (indecs as
> exemplar of semantics, ODRL and XRML as expression)
>
> indecs focussed on the semantic analysis and was successful; see
> practical
> commercial implementatioins in ONIX, DOI, etc.  It's planned to build
> further semantic analysis in the rights area as a Data Dictionary, under
> the
> indecs2 umbrella (IDF has a role in funding the feasibility study to
> build
> support to do this - see IDF FUNDS STUDY OF MULTIMEDIA INTELLECTUAL
> PROPERTY
> RIGHTS April 17, 2001
> http://www.doi.org/news/010418-multimediaIP.html).
> The detailed document (now in preparation) which describes that study
> explores this separation further. I see from the XACML press release:
> "XACML will define the representation for rules that specify the who,
> what,
> when and how of information access," explained Simon Y. Blackwell of
> Psoom,
> chair of the OASIS XACML Technical Committee. "Access control, which is
> often called 'rights management' or 'entitlement management,' determines
> who
> can look at something, what they can do with it, the type of device they
> can
> look at it on, etc."
>
> So (as I said in another posting) it seems to me that the effort is not
> going to be doing the necessary *semantic* work of the Rights Data
> Dictionary, as discussed at MPEG Singapore in the Rights Requirements
> sessions, and the W3C DRM.  It seems more to be standard XML expressions
> of
> this ("the representation for rules" rather than "the rules")?  If it is
> indeed planning to do the semantic work, then for the reasons you note
> it
> needs to talk to indecs2.  Clearly it has relevance anyway and I have
> suggested a contact between OASIS and the indecs2 activity , and which
> is
> planned to be the basis for the indecs2 development of the Rights Data
> Dictionary (for feed in to MPEG-21).   Can you be the bridging contact
> here?
>
>
> I'd be interested in seeing how we can indeed whilst still getting both
> the
> semantic and the expression work done.
>
> Norman
>
>
> -----Original Message-----
> From: David Parrott [mailto:David.Parrott@reuters.com]
> Sent: 25 April 2001 09:28
> To: www-drm@w3.org
> Subject: Re: XACML - Extensible Access Control Markup Language
>
>
>
>
> You will note from the Press Release from OASIS that Reuters is one of
> the initial members of the OASIS XACML Technical Committee.  I will be
> taking part in the kick-off teleconference on 12 May and would hope
> that any work undertaken by OASIS will be aligned as closely as
> possible to the many other efforts currently in the process of
> starting up.  I am fearful that too many competing standards will have
> the following effects:
>
> 1/ to dilute the effort applied in any one place
> 2/ to spread too thin the efforts of those who are trying to keep
>      up with (i.e., by active participation) multiple standards
> 3/ to reduce the likelihood of truly interoperable systems
> 4/ to impact credibility
>
> Looking at the PKI space, one sees many standards in place (PKIX,
> OCSP, PKCS, S/MIME, etc) but each of those is operating in a slightly
> different problem domain.  My concern about the rights management
> standards is that there is significant overlap.  I would be looking,
> ideally, for niches to be identified in which the different standards
> excel and which are complementary.  Clearly, lines of responsibility
> need to be drawn.
>
> Regards,
> /Dave.
>
> _ ______________________________________________________________
> Dr David J. Parrott (Chartered Engineer) Chief Technology Office
>      Reuters Limited, 85 Fleet Street, London EC4P 4AJ, UK.
>    Direct Line: +44 (0)20 7542 9830, Fax: +44 (0)20 7542 8314
>        Email: David.Parrott@reuters.com, dparrott@acm.org
>
>
>
>
>
> |--------+----------------------->
> |        |          Rigo Wenning |
> |        |          <rigo@w3.org>|
> |        |                       |
> |        |          24/04/01     |
> |        |          23:36        |
> |        |                       |
> |--------+----------------------->
>   >-------------------------------------------------------------------|
>   |                                                                   |
>   |       To:     DRM-Public-List <www-drm@w3.org>                    |
>   |       cc:     (bcc: David Parrott/LON/GB/Reuters)                 |
>   |       Subject:     XACML - Extensible Access Control Markup       |
>   |       Language                                                    |
>   |       Header:      Internal Use Only                              |
>   >-------------------------------------------------------------------|
>
>
>
>
>
>
> ----- Forwarded message from Larry Gussin <ldgussin@home.com> -----
>
> Date: Tue, 24 Apr 2001 13:14:56 -0400 (EDT)
> Message-ID: <00b101c0ccd8$8e395c60$16c60b41@pwtkt1.ri.home.com>
> From: "Larry Gussin" <ldgussin@home.com>
> To: <www-drm@w3.org>
> Subject: [Moderator Action] XACML - Extensible Access Control Markup
> Language
>
> Hi,
>
> I worked at Intertrust for some years, and so am familiar with DRM
> concepts.
> I
> note XACML, which was begun at IBM and announced today by OASIS as a
> technical
> committee, as another form of XML-based rights language, growing out of
> enterprise access control practices:
> http://xml.coverpages.org/XACML-PR20010424.html. The XACML web page:
> http://xml.coverpages.org/xacl.html.
>
> >From the press release:
> "XACML will define the representation for rules that specify the who,
> what,
> when
> and how of information access," explained Simon Y. Blackwell of Psoom,
> chair
> of
> the OASIS XACML Technical Committee. "Access control, which is often
> called
> 'rights management' or 'entitlement management,' determines who can look
> at
> something, what they can do with it, the type of device they can look at
> it
> on,
> etc."
>
> I'd appreciate hearing how this effort might fit in.
>
> Larry Gussin
>
>
>
>
> ----- End forwarded message -----
>
>
>
>
> -----------------------------------------------------------------
>         Visit our Internet site at http://www.reuters.com
>
> Any views expressed in this message are those of  the  individual
> sender,  except  where  the sender specifically states them to be
> the views of Reuters Ltd.
>
>
>
> -----------------------------------------------------------------
>         Visit our Internet site at http://www.reuters.com
>
> Any views expressed in this message are those of  the  individual
> sender,  except  where  the sender specifically states them to be
> the views of Reuters Ltd.
>
>  - XrML103.doc


-----------------------------------------------------------------
        Visit our Internet site at http://www.reuters.com

Any views expressed in this message are those of  the  individual
sender,  except  where  the sender specifically states them to be
the views of Reuters Ltd.

Received on Thursday, 26 April 2001 04:37:06 UTC