1 <?xml version="1.0" encoding="UTF-8"?>
3 xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
4 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
5 xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17
6 http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"
7 PolicyId="urn:oasis:names:tc:xacml:3.0:example:SimplePolicy1"
9 RuleCombiningAlgId="identifier:rule-combining-algorithm:deny-overrides">
11 Medi Corp access control policy
15 RuleId= "urn:oasis:names:tc:xacml:3.0:example:SimpleRule1"
18 Any subject with an e-mail name in the med.example.com domain
19 can perform any action on any resource.
25 MatchId="urn:oasis:names:tc:xacml:1.0:function:rfc822Name-match">
27 DataType="http://www.w3.org/2001/XMLSchema#string"
28 >med.example.com</AttributeValue>
31 Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
32 AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id"
33 DataType="urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name"/>