| <?xml version="1.0" encoding="UTF-8" standalone="no"?> |
| <Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIC002:policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> |
| <Description> |
| Policy for Conformance Test IIC002. |
| </Description> |
| <Target/> |
| <Rule Effect="Permit" RuleId="urn:oasis:names:tc:xacml:2.0:conformance-test:IIC002:rule"> |
| <Description> |
| A subject who is at least 5 years older than Bart |
| Simpson may read Bart Simpson's medical record. |
| </Description> |
| <Condition> |
| <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than-or-equal"> |
| <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-subtract"> |
| <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">10</AttributeValue> |
| <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">3</AttributeValue> |
| </Apply> |
| <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">5</AttributeValue> |
| |
| </Apply> |
| </Condition> |
| </Rule> |
| </Policy> |
