# XACML Architecture Implementations should be modular
When customers decide to externalize their authorization and to go for a standards-based solution, namely a XACML-based solution, they need to be extremely careful about how the vendor implements XACML. It is not just about implementing XACML’s request-response protocol. It is not just about authoring policies natively in XACML. It is also about implementing the XACML architecture in an elegant, efficient, and modular way. That architecture contains several key components, listed below:

1. Firstly, the Policy Decision Point (PDP): this is where policies are evaluated and a decision is reached.
2. Secondly, the Policy Enforcement Point (PEP): this is where the request is created and sent to the PDP, and where the response is received and handled. The PEP can be application-specific.
3. Thirdly […]
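
The PDP/PEP split described above, as an added example that is not from the original article or any vendor's product: a toy first-applicable PDP behind an interface, and a deny-biased PEP that depends only on that interface. The class names, attribute names and rules are constructed for illustration; real XACML requests and policies are XML or JSON documents rather than Python objects.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Protocol

class Decision(Enum):  # the four XACML decision values
    PERMIT = "Permit"
    DENY = "Deny"
    NOT_APPLICABLE = "NotApplicable"
    INDETERMINATE = "Indeterminate"

@dataclass(frozen=True)
class Request:  # simplified attribute categories (assumed names)
    subject: dict
    resource: dict
    action: dict

class PDP(Protocol):  # the only thing a PEP needs to know about a PDP
    def evaluate(self, request: Request) -> Decision: ...

class RulePDP:
    """Toy PDP: the first rule whose target matches decides (first-applicable)."""
    def __init__(self, rules: list[tuple[Callable[[Request], bool], Decision]]):
        self.rules = rules

    def evaluate(self, request: Request) -> Decision:
        for target, effect in self.rules:
            try:
                if target(request):
                    return effect
            except KeyError:  # a needed attribute is missing from the request
                return Decision.INDETERMINATE
        return Decision.NOT_APPLICABLE

class DenyBiasedPEP:
    """Application-specific PEP: builds the request, asks the PDP, enforces."""
    def __init__(self, pdp: PDP):
        self.pdp = pdp

    def authorize(self, user: str, role: str, owner: str, action: str) -> bool:
        request = Request({"id": user, "role": role}, {"owner": owner}, {"id": action})
        # Deny-biased: anything other than an explicit Permit blocks access.
        return self.pdp.evaluate(request) is Decision.PERMIT

# Constructed sample policy, expressed as (target, effect) pairs.
SAMPLE_RULES = [
    (lambda r: r.action["id"] == "delete" and r.subject["role"] != "admin", Decision.DENY),
    (lambda r: r.subject["id"] == r.resource["owner"], Decision.PERMIT),
    (lambda r: r.subject["role"] == "auditor" and r.action["id"] == "read", Decision.PERMIT),
]
pep = DenyBiasedPEP(RulePDP(SAMPLE_RULES))
```

Replacing `RulePDP` with a client for a remote PDP leaves `DenyBiasedPEP` unchanged, and a PDP that fails or finds no applicable rule results in access being refused rather than granted.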