Request Open: February 21, 2023 12:00 am — March 23, 2023 12:00 am (29 days left)

The Open Geospatial Consortium (OGC) seeks public comment on version 3.0 of the OGC Geospatial eXtensible Access Control Markup Language (GeoXACML) Standard and its related JSON Profile (v1.0). Comments are due by March 23, 2023.

The OGC Geospatial eXtensible Access Control Markup Language (GeoXACML) 3.0 Standard is a geospatial extension to the OASIS eXtensible Access Control Markup Language (XACML) v3.0 standard, which defines a common language for expressing security policy. As per the XACML documentation, “If implemented throughout an enterprise, a common policy language allows the enterprise to manage the enforcement of all the elements of its security policy in all the components of its information systems.”

GeoXACML 3.0 extends XACML 3.0 to support the interoperable definition of access rights that include geographic conditions, providing additional spatial constraints for XACML-based security policies.

As GeoXACML 3.0 is based on XACML 3.0, it includes those enhancements made to the XACML standard since v2.0, such as support for access conditions that span different XACML categories. This enhancement in particular empowers GeoXACML 3.0 to be a powerful decision engine with support for spatiotemporal access conditions. Further, GeoXACML 3.0 can be operated as a traditional Policy Decision Point or as a cloud-native API gateway.

The OGC GeoXACML 3.0 Standard defines different conformance classes that support flexible implementations tailored to users differing needs. Conformance classes range from access definitions using basic geometry, to geometries based on spatial analysis, to those requiring different coordinate reference systems, and also implementations as OGC API conformant services/Policy Decision Points.

The supplementary OGC GeoXACML 3.0 JSON Profile v1.0 defines an extension to the JSON Profile of XACML 3.0 v1.1 for supporting GeoXACML Authorization Decision Requests and Authorization Decisions encoded in JSON. This ensures an easy uptake in environments where JSON is the preferred encoding.

OGC Members interested in staying up to date on the progress of this standard, or contributing to its development, are encouraged to join the GeoXACML SWG via the OGC Portal.

The candidate OGC Geospatial eXtensible Access Control Markup Language (GeoXACML) version 3.0 Standard (22-049) (.PDF) and candidate GeoXACML 3.0 JSON Profile v1.0 (22-050) (.PDF) are available for review and comment on the OGC Portal. Comments are due by March 23, 2023, and should be submitted via the method below.

To Comment: 
Comments can be submitted to a dedicated email reflector for a thirty day period ending on the “Close request date” listed above, Comments received will be consolidated and reviewed by OGC members for incorporation into the document. Please submit your comments using the following link: Click here to submit comments.
Please refer to the following template for the message body: Comments Template.