Security specification gets OK'd

Standards group the Organization for the Advancement of Structured Information Standards (OASIS) announced Tuesday that it has ratified the Extensible Access Control Markup Language (XACML) as a standard, paving the way for its use in security products.

XACML is a specification that lets companies define security policies around Web services applications. With XACML-based security products, companies can spell out information access privileges for people. XACML is designed to work with another OASIS standard, Security Assertion Markup Language (SAML), which defines a common method for sharing authorization information between different security systems. The XACML specification was developed by Entrust, IBM, OpenNetwork, Quadrasis, Sterling Commerce, Sun Microsystems and other participants in OASIS.