Home   Cart   Quotation   Policy   About-Us
www.ChineseStandard.net
SEARCH

GB/T 30281-2013 English PDF

US$2119.00 · In stock
Delivery: <= 13 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 30281-2013: Information security technology - Authentication and authorization. eXtensible Access Control Markup Language (XACML)
Status: Valid
Standard IDUSDBUY PDFLead-DaysStandard Title (Description)Status
GB/T 30281-20132119 Add to Cart 13 days Information security technology - Authentication and authorization. eXtensible Access Control Markup Language (XACML) Valid

Similar standards

GB/T 30276   GB/T 30279   GB/T 31168   GB/T 30278   GB/T 30282   GB/T 30283   

Basic data

Standard ID: GB/T 30281-2013 (GB/T30281-2013)
Description (Translated English): Information security technology - Authentication and authorization. eXtensible Access Control Markup Language (XACML)
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.040
Word Count Estimation: 96,948
Quoted Standard: IEEE 754; IETF RFC 822; IETF RFC 2253; IETF RFC 2396; IETF RFC 2732; IETF RFC 3280; W3C XQUERY1.0; XPATH 2.0
Regulation (derived from): National Standards Bulletin 2013 No. 27
Issuing agency(ies): General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China
Summary: This standard specifies the eXtensible Access Control Markup Language (XACML) data flow model, language model and grammar. This standard applies to large-scale distributed applications written in the language of the control strategy and analysis unified a

GB/T 30281-2013: Information security technology - Authentication and authorization. eXtensible Access Control Markup Language (XACML)


---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology. Authentication and authorization. EXtensible Access Control Markup Language (XACML) ICS 35.040 L80 National Standards of People's Republic of China Information Security Technology Authentication and Authorization Extensible Access Control Markup Language eXtensibleAccessControlMarkupLanguage (XACML) Issued on. 2013-12-31 2014-07-15 implementation Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China Standardization Administration of China released

Table of Contents

Introduction Ⅴ Introduction Ⅵ 1 Scope 1 2 Normative references 1 3 Terms and definitions 4 Abbreviations 3 5 XACML Overview 3 5.1 Overview 3 5.2 Requirement 3 A combination of rules and policies 4 5.3 Combined Algorithm 4 5.4 More than 5.5 body 5 5.6 based on subject and resource attributes Strategy 5 Property values \u200b\u200bover 5.7 5 5.8 content of the resource-based strategy 5 5.9 Operators 5 5.10 Distribution Policy 6 Strategy Index 5.11 6 5.12 Abstraction Layer 6 5.13 Action accompanying policy enforcement performed together 6 6 model 6 6.1 Data Flow Model 6 6.2 XACML context 7 6.3 Policy language model 8 7 policy syntax 10 7.1 \u003cPolicySet\u003e Element 10 7.2 \u003cDescription\u003e Element 12 7.3 \u003cPolicySetDefaults\u003e Element 12 7.4 \u003cXpathVersion\u003e Element 12 7.5 \u003cTarget\u003e Element 12 7.6 \u003cSubjects\u003e Element 13 7.7 \u003cSubject\u003e Element 13 7.8 \u003cSubjectMatch\u003e Element 14 7.9 \u003cResources\u003e Element 14 7.10 \u003cResource\u003e Element 14 7.11 \u003cResourceMatch\u003e Element 15 7.12 \u003cActions\u003e Element 15 7.13 \u003cAction\u003e Element 15 7.14 \u003cActionMatch\u003e Element 16 7.15 \u003cEnvironments\u003e Element 16 7.16 \u003cEnvironment\u003e Element 17 7.17 \u003cEnvironmentMatch\u003e Element 17 7.18 \u003cPolicySetIdReference\u003e Element 17 7.19 \u003cPolicyIdReference\u003e Element 18 7.20 VersionType simple type 18 7.21 VesionMatchType simple type 18 7.22 \u003cPolicy\u003e Element 19 7.23 \u003cPolicyDefaults\u003e Element 20 7.24 \u003cCombinerParameters\u003e Element 20 7.25 \u003cCombinerParameter\u003e Element 21 7.26 \u003cRuleCombinerParameters\u003e Element 21 7.27 \u003cPolicyCombinerParameters\u003e Element 22 7.28 \u003cPolicySetCombinerParameters\u003e Element 22 7.29 \u003cRule\u003e Element 23 7.30 EffectType simple type 23 7.31 \u003cVariableDefinition\u003e Element 23 7.32 \u003cVariableReference\u003e Element 24 7.33 \u003cExpression\u003e Element 24 7.34 \u003cCondition\u003e Element 25 7.35 \u003cApply\u003e Element 25 7.36 \u003cFunction\u003e Element 25 7.37 AttributeDesignatorType composite type 26 7.38 \u003cSubjectAttributeDesignator\u003e Element 27 7.39 \u003cResourceAttributeDesignator\u003e Element 27 7.40 \u003cActionAttributeDesignator\u003e Element 28 7.41 \u003cEnvironmentAttributeDesignator\u003e Element 28 7.42 \u003cAttributeSelector\u003e Element 28 7.43 \u003cAttributeValue\u003e Element 29 7.44 \u003cObligations\u003e Element 30 7.45 \u003cObligation\u003e Element 30 7.46 \u003cAttributeAssignment\u003e Element 31 8 context syntax 31 8.1 \u003cRequest\u003e Element 31 8.2 \u003cSubject\u003e Element 32 8.3 \u003cResource\u003e Element 32 8.4 \u003cResouceContent\u003e Element 33 8.5 \u003cAction\u003e Element 33 8.6 \u003cEnvironment\u003e Element 33 8.7 \u003cAttribute\u003e Element 34 8.8 \u003cAttrributeValue\u003e Element 34 8.9 \u003cResponse\u003e Element 35 8.10 \u003cResult\u003e Element 35 8.11 \u003cDecision\u003e Element 36 8.12 \u003cStatus\u003e Element 36 8.13 \u003cStatusCode\u003e Element 37 8.14 \u003cStatusMessage\u003e Element 37 8.15 \u003cStatusDetail\u003e Element 37 8.16 \u003cMissingAttributeDetail\u003e Element 38 9 Functional Requirements 38 9.1 Overview 38 9.2 Policy Enforcement Point 38 9.3 Property Assessment 39 9.4 Expression Evaluation 40 Assessment 41 9.5 Arithmetic 9.6 Assessment 41 matches Assessment 42 9.7 Target 9.8 Assessment 43 variable reference 9.9 Condition Assessment 44 9.10 Rule 44 Assessment Strategic Assessment 44 9.11 9.12 evaluate policy set 45 9.13 There are 45 levels of resources 9.14 authorization decisions 45 Obligations 46 9.15 9.16 Exception Handling 46 10 XACML extensibility points 46 10.1 Extensible XML attribute type 46 10.2 Structured Properties 47 11 security and privacy 47 11.1 Overview 47 11.2 Threat Model 47 Safety measures 49 11.3 12 Compliance 51 12.1 Introduction 51 51 12.2 Compliance List Appendix A (normative) data types and functions 61 Appendix B (Normative Appendix) XACML identifier 76 Annex C (normative) combining algorithm 80 References 89

Foreword

This standard was drafted in accordance with GB/T 1.1-2009 given rules. This standard by the National Safety Standardization Technical Committee (SAC/TC260) and focal points. This standard was drafted. Institute of Software. The main drafters of this standard. Dengguo Feng, Xu Zhen, Zhang Min, Dizheng De, Wang Yazhe, Gao Zhigang, Zhang Fan.

Introduction

How to implement large-scale distributed applications in a controlled share of information resources, policy-based security management of information security has become a One of the key areas of concern. At present, most distributed applications are still independently define their own security policies and implement resource access control, not only Unable to get a complete view of security policy enforcement, and high maintenance costs of the security policy, the reliability of the lack of adequate protection. The standard defines a generic extensible markup language access control policy XACML, support for multiple types of access control policies, allowing Xu user-defined policies extension that allows users to achieve resource protection policy in a manner independent of the definition of the system and control resource access control System logic decision-making process to achieve security and access policy defined in the form of decision process standardization. Information Security Technology Authentication and Authorization Extensible Access Control Markup Language

1 Scope

This standard specifies the Extensible Access Control Markup Language (XACML) data flow model, language model and grammar. This standard applies to large-scale distributed applications in the preparation and analysis of unified access control policy language resources.

2 Normative references

The following documents for the application of this document is essential. For dated references, only the dated version suitable for use herein Member. For undated references, the latest edition (including any amendments) applies to this document. IEEE754 floating point standard (StandardforFloating-pointArithmetic) Standard format IETFRFC822 email (StandardfortheFormatofArpaInternetTextMessages) IETFRFC2253 Lightweight Directory Access Protocol (v3). UTF-8 string representation of the distinguished name (LightweightDirectory AccessProtocol (v3). UTF-8StringRepresentationofDistinguishedNames) IETFRFC2396 uniform resource identifier. basic grammar (UniformResourceIdentifiers (URI). GenericSyn- tax) IETFRFC2732 literal IPv6 addresses in URL format (FormatforLiteralIPv6AddressesinURL's) IETFRFC3280 X.509PKI certificate and CRL profiles (InternetX.509PublicKeyInfrastructure CertificateandCertificateRevocationList (CRL) Profile) W3CXQuery1.0 and XPath2.0 Functions and Operators (XQuery1.0andXPath2.0FunctionsandOpera- tors) W3CXML patterns, Part 1 and Part 2 (XMLSchema, parts1and2)

3 Terms and Definitions

The following terms and definitions apply to this document. 3.1 Property attribute Used to describe the characteristics of the subject, resource, action and environment in the predicate and objectives. 3.2 Authorization decision authorizationdecision PDP applies policies based on evaluation results generated, the results are returned to the PEP. 3.3 Context context Policy decisions and requests authorization decision statements. 3.4 Context processor contexthandler The decision requests the conversion request from the decision-making raw format into XACML canonical form and authorization decisions from the XACML canonical form ......
Image     

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 30281-2013_English be delivered?

Answer: Upon your order, we will start to translate GB/T 30281-2013_English as soon as possible, and keep you informed of the progress. The lead time is typically 9 ~ 13 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 30281-2013_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 30281-2013_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.