Archive for July 2010

« Analyzing Identity home page

Diagramming XACML Performance

July 14, 2010

In a previous post discussing XACML performance myth-busting, I described several areas in an XACML authorization system where performance issues can be addressed. Since then, my colleague David Brossard created the diagram below to illustrate potential performance bottlenecks.

To refresh your memory, here is the issue for each numbered item in the diagram (see the previous post for explanations):

  1. Policy Retrieval
  2. Policy Matching
  3. Attribute Retrieval
  4. Decision Caching
  5. Multiple Requests
  6. PDP – PEP Interaction
Advertisement

Categories: Authorization, Performance, XACML

Comments: Be the first to comment

Concordia hosts Authorization Standards Workshop

July 9, 2010

The Concordia Discussion Group is planning another workshop at Burton Catalyst North America, continuing a trend of providing timely and informative events. I have had the pleasure of participating in the past and will provide an update on what is new in XACML 3.0 this time around. XACML 3.0 is nearing ever closer to formal standardization – and contains several useful enhancements that are important for leading edge as well as legacy application environments.

Information on the workshop can be found here. Admission is free – you just need to register with Dervla O’Reilly to attend. Hope to see you there!

Categories: Authorization, Standards, Workshop

Comments: Be the first to comment