-- XML schema extracted from ITU-T X.1143 (11/2007)

<?xml version="1.0" encoding="UTF-8"?> <Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os http://www.itu.int/ITU-T/formal-language/xml/database/itu-t/x/x1142/2006/x1142-AnnD.2%20XACML%20policy%20schema.xsd" PolicyId="urn:oasis:names:tc:example:Ex1" RuleCombiningAlgId="identifier:rule-combining-algorithm:deny-overrides"> <Description> Example message access control policy </Description> <Target/> <Rule RuleId="urn:oasis:names:tc:xacml:2.0:example:Ex1" Effect="Permit"> <Description> Only administrator can Reboot the system </Description> <Target> <Subjects> <Subject> <SubjectMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string"> administrator </AttributeValue> <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string"/> </SubjectMatch> </Subject> </Subjects> <Resources> <Resource> <ResourceMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI"> http://localhost:8080/services/Reboot </AttributeValue> <ResourceAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#anyURI" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id"/> </ResourceMatch> </Resource> </Resources> </Target> </Rule> </Policy>