Certifications
& Standards

XACML (XML Access Control Markup Language)

XML Access Control Markup Language (XACML) is a proposal for an XML syntax for specifying authorization and entitlements policies. XACML is expected to address fine-grained control of authorized activities, characteristics of the access requestor, and the protocol over which the request is made.

Why is it needed?

There is a pressing need for a common language for expressing security policy. If implemented throughout an enterprise, a common policy language allows the enterprise to manage the enforcement of all the elements of its security policy in all the components of its information systems.

Status

The XACML 1.0 specification was ratified as an OASIS Open Standard by the OASIS eXtensible Access Control Markup Language Technical Committee in February 2003.

Entrust Involvement

Entrust is an active member of the OASIS Access Control Technical Committee working on XACML — acting as a co-chair for this committee and co-editor of the specification. The latest release of Entrust GetAccess™, uses XACML to capture fine-grained entitlements policies in a standardized and interoperable syntax.