Access-control language for multidomain environments

IEEE Internet Computing

Volumn 8, Issue 6, 2004, Pages 40-50

  Joshi, James B D ^a   Bhatti, Rafae ^b   Bertino, Elisa ^c   Ghafoor, Arif ^b  

^a UNIVERSITY OF PITTSBURGH   (United States)

^b PURDUE UNIVERSITY   (United States)

^c Purdue University   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

SECURITY OF DATA; SEMANTICS; TELECOMMUNICATION SERVICES; WORLD WIDE WEB; XML;

ACCESS CONTROL LANGUAGE; MULTIDOMAIN ENVIRONMENT; ROLE BASED ACCESS CONTROL; WEB SERVICES;

COMPUTER PROGRAMMING LANGUAGES;

EID: 11044223672     PISSN: 10897801     EISSN: None     Source Type: Journal    
DOI: 10.1109/MIC.2004.53     Document Type: Article

References (16)

1. R. Power, "Tanoled Web": Tales of Digital Crime from the Shadows of Cyberspace, Que/Macmillan Publishing, 2000.
2. J.B.D. Joshi et al., "Digital Government Security Infrastructure Design Challenges," Computer, vol. 34, no. 2, Feb. 2001, pp. 66-72.
3. L. Gong and X. Qian, "Computational Issues in Secure Interoperation," IEEE Trans. Software and Eng., vol. 22, no. 1, Jan. 1996, pp. 43-52.
4. E. Bertino, S. Castano, and E. Ferrari, "Securing XML Documents with Author X," IEEE Internet Computing, vol. 5, no. 3, May/June 2001, pp. 21-31.
5. S.L. Osborn, R. Sandhu, and Q. Munawer, "Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies," ACM Trans. Information and System Security, vol. 3, no. 2, Feb. 2000, pp. 85-106.
6. D. Ferraiolo et al., "The NIST Model for Role-Based Access Control: Towards a Unified Standard," ACM Trans. Information and System Security, vol. 4, no. 3, Aug. 2001, pp. 224-274.
7. N.N. Vuong, G.S. Smith, and Y. Deng, "Managing Security Policies in a Distributed Environment Using Extensible Markup Language (XML)," Proc. Symp. Applied Computing, ACM Press, 2001, pp. 405-411.
8. T. Moses, ed., "OASIS eXtensible Access Control Markup Language (XACML) Version 1.1," committee specification, 24 July 2003; www.oasls-open.org/ committees/xacml/epository /cs-xacmlspecification-1.1.pdf.
9. A. Anderson, ed., "XACML Profile for Role-Based Access Control (RBAC)," OASIS Access Control TC committee draft 01, 13 Feb. 2004,
10. A. Kern, "Advanced Features for Enterprise-Wide Role-Based Access Control," Proc. Ann. Computer Security Applications Conf., IEEE CS Press, 2002, pp. 333-343.
11. J.B.D. Joshi et al., "Generalized Temporal Role-Based Access Control Model," IEEE Trans. Knowledge and Data Eng., accepted for publication.
12. R. Bhatti et al., "XML-Based Specification for Web-Services Document Security," Computer, vol. 37, no. 4, Apr., 2004, pp. 41-49.
13. F. Azzedin and M. Maheswaran, "Towards Trust-Aware Resource Management," Proc. 2nd IEEE/ACM Int'l Symp. Cluster Computing and the Grid (CCGrid 02), IEEE CS Press, 2002, pp. 452-457.
14. L. Pearlman et al., "A Community Authorization Service for Group Collaboration," Proc. IEEE 3rd Int'l Workshop Policies for Distributed Systems and Networks, IEEE Press, 2002, pp. 50-59.
15. M. Blaze et al., "The KeyNote Trust-Management System, version 2," IETF RFC 2704, Sept. 1999; www.ietf.org/fc/rfc2704.txt.
16. J.B.D. Joshi et al., X-RBAC: An Access-Control Language for Multi-Domain Environments, tech. report 2004-46, CERIAS, 2004; www.cerias.purdue.edu/tools_and_resources/bibtex_archive/2004-46.pdf.