[Attempto] ACE for XACML?

Brad Cox bradjcox at gmail.com
Mon Nov 15 17:37:28 CET 2010

Previous message: [Attempto] ACE for XACML?
Next message: [Attempto] ACE for XACML?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Neglected ReplyAll...

On Mon, Nov 15, 2010 at 11:24 AM, Brad Cox <bradjcox at gmail.com> wrote:
> Thanks for the response, Norbert. But I'm afraid I'm as stuck now as before.
>
> The sample isn't something I hand-coded as a experiment. It was pasted directly
> from my XACML to proto-ACE translator. I know its too long and its
> ambiguous for lack of parentheses. And the variable names came
> straight from the XACML. I don't have the freedom to choose less ugly
> ones (You want ugly? I could send you some raw XACML! ;).
>
> Question is how to make it better? First thing that comes to mind was:
>
> If  the countryofcitizenship  is "US" then the decision is "Maybe".
> If the organizationid  is in {"USN" , "USMC" } then the decision is "Maybe".
> ...
>
> But is that really better. Shorter yes, but "more understandable"?
>
>> First, ACE doesn't have parentheses.
>
> I've been wondering whether it would be better to translate XACML to
> Java instead of ACE, especially (as Kaarel suggested) I need to go
> thru OWL to get there. Those nested and/or statements come straight
> from the policies, and without a robust way of disambiguating them,
> I'm hosed. When I began thought XACML would be far more declarative.
> It now seems to be much closer to procedural if-then-else code.
>
> Look at the example in my previous mail.... I got that far with a
> straightforware translator. With a little more work I could retool it
> to translate to Java without the and/or ambiguity shown in my sample.
> That would yield a true XACML compiler. That would be unambiguous and
> might even outperform Sun's XACML interpreter. Without the cost and
> learning overhead of "going thru OWL" to ACE.
>
>> Thus I suggest that you consider breaking your sentence into pieces that are digestible also by human readers.
>
> Yes, that's exactly my question... how to do this exactly? I'm a total
> beginner with ACE and really don't see how to do this.
>



-- 
Cell: 703-594-1883
Blog: http://bradjcox.blogspot.com
Web: http://virtualschool.edu
Manassas VA 20111

Previous message: [Attempto] ACE for XACML?
Next message: [Attempto] ACE for XACML?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the attempto mailing list