Book Chapter, DOI: 10.1007/3-540-45705-4_22
XML-Based Distributed Access Control System
Javier Lopez, Antonio Maña, Mariemma Inmaculada Yagüe del Valle +2 more
- 02 Sep 2002
- Vol. 2455, pp 203-213
TL;DR: This paper allows policies to be bound to the data without being attached to it, and introduces X-ACS, an XML-based language designed to express policies in a simple and unambiguous way, overcoming the limitations of other approaches.
Abstract: The use of attribute certificates and the concept of mobile policies have been proposed to overcome some of the limitations of the role based access control (RBAC) paradigm and to implement security requirements such as the "originator controlled" (ORCON) policy. Mobile policies are attached to the data that they control and enforced by their execution in trusted servers. In this paper we extend this idea to allow the execution of the policies in untrusted systems. Our extension allows policies to be bound to the data but not attached to it. Through this modification security administrators are able to change policies dynamically and transparently. Additionally, we introduce X-ACS, an XML-based language designed to express policies in a simple and unambiguous way overcoming the limitations of other approaches. Important features of X-ACS are that it can be used by processors with limited capabilities such as smart cards while allowing the automated validation of policies.
Citations
Applying the semantic Web layers to access control
Mariemma I. Yagüe, Antonio Maña, Javier Lopez, José M. Troya +3 more
- 01 Sep 2003
TL;DR: This work demonstrates how the semantic web concepts and its layers infrastructure may play an important role in many relevant fields, such as the case of access control and authorization fields.
Survey on XML-Based Policy Languages for Open Environments
Mariemma I. Yagüe
- 01 Jan 2006
TL;DR: This paper reviews several XML based languages and analyses their suitability for use in a mobile policy environment for access control and Digital Rights Management, along with some conclusions on the suitability of each language to the new applications emerging on the Internet.
A semantic approach for access control in web services
M. I. Yagüe, J. M. Troya +1 more
- 17 Dec 2002
TL;DR: The Semantic Policy Language is introduced for the description of access control criteria based on the use of attribute certificates and is modular, enables the abstraction and reuse of components, the composition of SPL policies in an unambiguous way, and the dynamic instantiation of parameters based on semantic properties about resources.
Integrating PMI services in CORBA applications
TL;DR: PMIRAD is presented, an approach to integrate the services of an external PMI into CORBA applications using the RAD facility, based on the semantic description of the PMI services.
XML distributed security policy for clusters
Axelle Apvrille, Makan Pourzandi +1 more
TL;DR: A new security policy language for clusters is presented: Distributed Security Policy (DSP), based on XML, which offers a precise and easy way to customize security of clusters.
References
Role-based access control models
TL;DR: Why RBAC is receiving renewed attention as a method of security administration and review is explained, a framework of four reference models developed to better understand RBAC is described, and the use of RBAC to manage itself is discussed.
The Ponder Policy Specification Language
Nicodemos Damianou, Naranker Dulay, Emil Lupu, Morris Sloman +3 more
- 29 Jan 2001
TL;DR: The Ponder language provides a common means of specifying security policies that map onto various access control implementation mechanisms for firewalls, operating systems, databases and Java.
The NIST model for role-based access control: towards a unified standard
Ravi Sandhu, David F. Ferraiolo, D. Richard Kuhn +2 more
- 26 Jul 2000
TL;DR: The NIST model focuses on those aspects of RBAC for which consensus is available and is organized into four levels of increasing functional capabilities called flat RBAC, hierarchical RBAC, constrained RBAC and symmetric RBAC.
Policy Driven Management for Distributed Systems
TL;DR: This paper describes the work on policy which has come out of two related ESPRIT funded projects, SysMan and IDSM and shows how a number of example policies can be modeled using these objects and briefly mention issues relating to policy hierarchy and conflicts between overlapping policies.
ACM transactions on database systems: aim and scope
David K. Hsiao
- 01 Mar 1976
TL;DR: The aim of ACM Transactions on Database Systems (TODS) is to serve as a focal point for an integrated dissemination of database research and development on storage and processor hardware, system software, applications, information science, information analysis, and file management.