Dynamically Authorized Role-Based Access Control for Secure Distributed Computation

Proceedings of the ACM Workshop on XML Security

Volumn , Issue , 2003, Pages 97-103

  Joncheng Kuo, C ^a   Humenn, Polar ^a  

^a SYRACUSE UNIVERSITY   (United States)

Author keywords

Attribute certificates; Authorization domain; CORBA; Role based access control; XML based security assertions

Indexed keywords

DISTRIBUTED COMPUTER SYSTEMS; INTEROPERABILITY; SECURITY OF DATA; SERVERS; STANDARDS;

AUTHENTICATION;

XML;

EID: 0141998521     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (15)

1. Bhamidipati, V. and Sandhu, R. Push Architecture for User Role Assignment. 23rd National Information Systems Security Conference, Baltimore, Maryland, October 2000.
2. Blobel, B. Trustworthiness in Distributed Electronic Healthcare Records. Annual Computer Security Application Conference (ACSAC 2001), December 2001.
3. rd, Reagle, R., and Solo, D. XML-Signature Syntax and Processing. World Wide Web Consortium, March 2002. http://www.ietf.org/rfc/rfc3275.txt.
4. Hine, J., Yao, W., Bacon, J., and Moody, K. An Architecture for Distributed OASIS Services. Middleware 2000, pages 104-120, New York City, New York, April 2000.
5. Hitchens, M. and Varadharajan, V. Issues in the Design of a Language for Role Based Access Control. Second Int'l Conference on Information and Communication Security (ICICS'99), LNCS 1726, 1999.
6. Ferraiolo, D., Sandhu, R., and Gavrila, S. A Proposed Standard for Role-Based Access Control. National Institute of Standards and Technology, December 2000. http://csrc.nist.gov/rbac/.
7. Li, N., Mitchell, J. C., and Winsborough, W. H. Design of a Role-based Trust-Management Framework. IEEE Symposium on Security and Privacy 2002, May 2002.
8. OASIS. Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML), Committee Specification 01. Organization for the Advancement of Structured Information Standards, May 31, 2002. http://www.oasis-open.org/committees/security/.
9. OASIS. OASIS extensible Access Control Markup Language (XACML), Committee Specification 1.0. Organization for the Advancement of Structured Information Standards, October 25, 2002. http://www.oasis-open.org/committees/xacml/.
10. OMG. The Common Object Request Broker: Architecture and Specification, Version 3.0. Object Management Group, June 2002. http://www.omg.org/cgi-bin/doc?formal/02-06-01.
11. OMG. Security Service Specification, Version 1.8. Object Management Group, March 2002. http://www.omg.org/cgi-bin/doc?formal/2002-03-11.
12. OMG. Common Secure Interoperability V2 Specification. Object Management Group, March 2001. http://cgi.omg.org/cgi-bin/doc?ptc/2001-03-02.
13. OMG. The Authorization Token Layer Acquisition Service Specification. Object Management Group, October 2001. http://cgi.omg.org/cgi-bin/doc?ptc/2001-10-22.
14. ORBAsec SL3. Adiron, LLC. http://www.adiron.com.
15. Willikens, M., Feriti, S., and Masera, M. A Context-Related Authorization and Access Control Method Based on RBAC: A case study from the health care domain. SACMAT'02, June 2002.