Members of the OASIS interoperability consortium have approved the Extensible Access Control Markup Language (XACML) as an OASIS Open Standard, the highest level of ratification. XACML allows developers to express and enforce policies for information access over the Internet. The OASIS XACML specification was developed by Entrust, IBM, OpenNetwork, Quadrasis, Sterling Commerce, Sun Microsystems, and other members of the OASIS Extensible Access Control Markup Language Technical Committee. Before becoming an OASIS Open Standard, XACML first completed a public review and was approved by the OASIS XACML Technical Committee. Then, the specification underwent multiple implementations, after which XACML was reviewed and approved by the OASIS membership as a whole. XACML is the latest addition to the OASIS portfolio of security standards. It joins another recently approved OASIS Open Standard, the Security Assertion Markup Language (SAML), as well as emerging specifications advanced within OASIS such as WS-Security, Service Provisioning Markup Language (SPML), Digital Signature Services (DSS), and Public Key Infrastructure (PKI).