...
XACML native policies are encoded in XML which defines access control rules required by new XACML application. In particular, the access control rules include subject, action and resource specification (i.e. 'subject' wants to do 'action' to 'resource', can it be allowed?). Some of these fields can be wildcarded to match all the possibilities. XACML policy author should compose such rules/policies in XACML XML and validate it through conformance test which is under using test tools that are supported in the GitHub:att/XACML /XACML-PDP/src/test/java/com/att/research/xacmlatt/pdp/test/conformanceproject. After ensuring newly composed XACML policy can fit the need, XACML author can then call create native policy API to insert new XACML policy to policy framework.
...
XACML PDP will need to be able to ingest a XACML XML Policy directly. One suggestion is to create an application specifically for the XACML natives rules by default. The opportunity exists where a policy designer could create a specific application that supports native XACML policies (with or without TOSCA Policy Types as an option) and uses the grouping of PDPs to differentiate itself from the default XACML native rule application. The XACML PDP should also be enhanced to support configuring of applications in order to provide flexibility to the policy designers as to where all of its possible policy types and content types are deployed.
...