OASIS approves XACML to drive authorization policy

The XML standard group OASIS has approved the Extensible Access Control Markup Language (XACML) as an OASIS Open Standard. The standard is said to provide a universal language to develop and enforce authorization policy over the Internet.

The OASIS XACML spec was developed by Entrust, IBM, OpenNetwork, Quadrasis, Sterling Commerce, Sun Microsystems and other members of the XACML Technical Committee.

XACML joins the Security Assertion Markup Language (SAML) standard, as well as emerging specifications advanced within OASIS such as WS-Security, Service Provisioning Markup Language (SPML), Digital Signature Services (DSS) and Public Key Infrastructure (PKI).

Viewers see XACML as addressing a key security issue for distributed systems, and accelerating the move away from proprietary systems toward open network authorization architectures.

See the related story ''OASIS forms another PKI committee'' by Rich Seeley at