XACML is the eXtensible Access Control Markup Language, an open standard for specifying and evaluating authorization and access control policies.
XACML is the eXtensible Access Control Markup Language, an open standard for specifying and evaluating of authorization and access control policies. The standard is managed by the OASIS XACML Technical Committee. The XACML 3.0 standard was ratified and released in January 2013.
XACML implements an access control model called attribute-based access control or abac.
The OASIS committee has identified and defined several ancillary profiles that extend the core XACML 3.0 specification for specific domains, such as the Administration and Delegation Profile, the SAML Profile, the Core and Hierarchical Role Base Access Control (RBAC) Profile, the Intellectual Property Control (IPC) profile, and the Export Compliance-US (EC-US) Profile. All of these profiles are defined on the OASIS site.
The XACML 2.0 standard was ratified in February 2005. A significant difference between the 2.0 and 3.0 standards is that 2.0 uses distinct XML element tags to separate attributes into subject, resource, action, or environment categories whereas 3.0 uses XML attributes to associate items with categories. In XACML 3.0 it's easier to define application-specific categories and the attribute processing model is more unified than in XACML 2.0.
XACML 3.0 also introduces Advice and makes Obligations more dynamic through the introduction of variables in the Obligation element.
