Monday, January 22, 2007
XACML PEP Support
Mark O'Neill of Vordel talks about some very important issues in his blog on XACML PEP Support. I love the below quote:
Hopefully Mark and others will step up and help keep the vendors who should be implementing XACML PEP within their products honest. Of course this list includes vendors that play in the following spaces: ESB, ERP, CRM, ECM, Portals, J2EE Containers, BPM and so on.
You should never really show your documentation page as folks like me will of course find a product that isn't listed. I would love to see Vordel join the OpenID conversation where you get to interact with folks such as Dick Hardt and Johannes Ernst...
| | View blog reactions- We've used the XACML PEP/PDP model for some time now. But, I can see the vendor rationale for not implementing it. If the "Security Glue" you use is proprietary, then it's frankly more difficult to throw out your product, and you become a "necessary evil" (as I've heard one or two security products called in the past).
Hopefully Mark and others will step up and help keep the vendors who should be implementing XACML PEP within their products honest. Of course this list includes vendors that play in the following spaces: ESB, ERP, CRM, ECM, Portals, J2EE Containers, BPM and so on.
You should never really show your documentation page as folks like me will of course find a product that isn't listed. I would love to see Vordel join the OpenID conversation where you get to interact with folks such as Dick Hardt and Johannes Ernst...
