What markup language allows for the sharing of application security policies to ensure that all applications are following the same security rules?

A.
XML

B.
SPML

C.
XACML

D.
GML

Explanation:
C: Two or more companies can have a trust model set up to share identity, authorization, and authentication methods. This means that if Bill authenticates to his company’s
software, this software can pass the authentication parameters to its partner’s software. This allows Bill to interact with the partner’s software without having to authenticate twice. This
can happen through eXtensible Access Control Markup Language (XACML), which allows two or more organizations to share application security policies based upon their trust model.
XACML is a markup language and processing model that is implemented in XML. It declares access control policies and describes how to interpret them.
A is incorrect because XML (Extensible Markup Language) is a method for electronically coding documents and representing data structures such as those in Web services. XML is
not used to share security information. XML is an open standard that is more robust than its predecessor, HTML. In addition to serving as a markup language in and of itself, XML
serves as the foundation for other more industry-specific XML standards. XML allows companies to use a markup language that meets their different needs while still being able to
communicate with each other.
B is incorrect because Service Provisioning Markup Language (SPML) is used by companies to exchange user, resource, and service provisioning information, not application
security information. SPML is an XML-based framework developed by OASIS with the goal of allowing enterprise platforms (such as Web portals and application servers) to generate
provisioning requests across multiple companies for the purpose of the secure and quick setup of Web services and applications.
D is incorrect because Generalized Markup Language (GML) is a method created by IBM for formatting documents. It describes a document in terms of its parts (chapters,
paragraphs, lists, etc.) and their relationship (heading levels). GML was a predecessor to Standard Generalized Markup Language (SGML) and Hypertext Markup Language (HTML).