OASIS approves XACML to drive authorization policy
The XML standard group OASIS has approved the Extensible
Access Control Markup Language (XACML) as an OASIS Open Standard. The standard
is said to provide a universal language to develop and enforce authorization
policy over the Internet.
The OASIS XACML spec was developed by Entrust, IBM, OpenNetwork, Quadrasis,
Sterling Commerce, Sun Microsystems and other members of the XACML Technical
XACML joins the Security Assertion Markup Language (SAML) standard, as well
as emerging specifications advanced within OASIS such as WS-Security, Service
Provisioning Markup Language (SPML), Digital Signature Services (DSS) and Public
Key Infrastructure (PKI).
Viewers see XACML as addressing a key security issue for distributed systems,
and accelerating the move away from proprietary systems toward open network
See the related story ''OASIS forms another PKI committee'' by Rich Seeley at