XACML 3.0 is officially recognized as a standard by OASIS

Stockholm, January 24 2013 – Axiomatics, the first organization to attest conformance to eXtensible Access Control Markup Language (XACML) 3.0, is happy to announce that XACML 3.0 has now been officially recognized as a standard. This version of XACML has been in use since 2010 and it received the Influential Standardization Efforts Award at the European Identity Conference in Munich, May 2011. At the close of voting on 24th January 2013, the required number of votes had been received from members of the Organization for the Advancement of Structured Information Standards (OASIS) to officially grant XACML the status of a standard.

Since its inception in 2001, the scope of XACML has increased considerably. In its initial form it was designed to protect XML resources, now it can be used to protect web APIs, Service Oriented Architectures, REST services, mobile and SaaS applications and databases. Other enhancements that leverage XACML 3.0 include profiles such as the Multiple Decision Profile for XACML 3.0, which delivers vast performance gains as well as the obligation expression. This enables a reason to be given to a request in additional to providing an answer of Deny or Permit.

According to Erik Rissanen, Editor of the XACML 3.0 standard and CTO of Axiomatics, ”XACML 3.0 brings increased security to access control, while offering greater flexibility, in particular with regards to how it can be applied to an enterprise-wide authorization solution. For example, XACML 3.0 has been fundamental for Axiomatics to be able to deliver authorization solutions for a number of its global manufacturing customers who must comply with strict US export control and intellectual property regulations.” The XACML technical committee, which is made up of representatives from XACML solution suppliers, integrators and user organizations, are now focusing on designing profiles that make it easier to onboard new applications. These include the REST profile for XACML and the JSON profile for XACML, which will help lower the barrier to entry for cloud application and API developers.

“As the use cases for XACML 3.0 continues to expand, we expect take up of the language within the Identity and Access Management (IAM) sphere to increase,” continues Rissanen. “In support of this at Axiomatics we have developed a hybrid language, known as Axiomatics Language for Authorization (ALFA). The syntax is similar to Java and C# and acts as a bridge to XACML, allowing a much wider group of developers access to the XACML technology” concludes Rissanen.

Other News

Press Release
Axiomatics Expands Executive Leadership to Accelerate Growth
Stockholm May 11, 2021 – Axiomatics has appointed Jim Barkdoll as president and chief commercial officer.  A data security veteran with a long, successful track record.
Press Release
Srijith Nair Rejoins Axiomatics As Chief Strategy Officer
STOCKHOLM – January 12, 2021 – Axiomatics, the leader in runtime dynamic authorization, today announced Dr. Srijith Nair has rejoined the company as Chief Strategy Officer. He will be responsible for developing, executing, and sustaining Axiomatics cohesive growth strategies.
Press Release
KuppingerCole Market Compass report endorses Axiomatics Dynamic Authorization Suite
STOCKHOLM – 16 July 2020 - KuppingerCole has profiled Axiomatics Dynamic Authorization Suite, giving the platform high ratings across all functionalities. The Market Compass report focuses on the dynamic authorization management market and rates vendors based on the security, deployment, functionality and usability of centrally managed authorization services.