While in SOL1 the set of enumerators is fixed and with fixed meaning which is hardwired to the simplest PEP implementations, we foresee users inventing additional attributes and enumerators. This raises the need for the PEP implementations to be configurable or somehow understand the new enumerators on basis of their semantics.
Such configurations and online semantics passing can be achieved with
Simple Obligations Dictionaries (SODs), which effectively allow the semantics
to be declared. The dictionary can be stored in a configuration file,
and we provide SOL1 standard dictionary as sol1.sod (which you should
not modify) and you may be able to provide additional dictionary
fragments in user editable configuration files. Alternatively,
the nonstandard dictionary fragments can be passed inline in the
protocol by means of
Example
<e:Envelope>
<e:Header>
<!-- WS-Addressing headers and wsse:Security with DSIG not shown -->
<b:UsageDirective id="USE">
<xa:Obligation ObligationId="urn:tas3:sol1" FulfillOn="Permit">
<xa:AttributeAssignment
AttributeId="urn:tas3:sol1:pledge"
DataType="http://www.w3.org/2001/XMLSchema#string">
urn:tas3:sol:vers=1
urn:tas3:sol1:delon=1255555377
urn:tas3:sol1:use=urn:tas3:sol1:use:purpose
urn:tas3:sol1:share=urn:tas3:sol1:share:group
urn:tas3:sol1:repouse=urn:tas3:sol1:repouse:oper
</>
</>
<tas3sol:Dict xmlns:tas3sol="http://tas3.eu/tas3sol/200911/">
Entities:
Data Subject (Agent the Data describes)
Data Processor (Agent that processes the Data)
Data (Information which is a resource under protection)
Organisation (a Data Processor)
Marketing (an Action)
Process (an Action of manipulating Data)
Relations:
Identify
Retain
Property
May (property of an action)
Must (property of an action)
urn:tas3:sol1:use:mktident is an enumerator of urn:tas3:sol1:use
urn:tas3:sol1:use:mktident means
Organization (who) - Process (action) - Data (what) - Marketing (why)
Organization (who) - Identify (action) - Data Subject (What)
</>
</>
</>
<e:Body id="BDY">
<idhrxml:Query>...</></></>
This example uses