X-GTRBAC: An XML-based policy specification framework and architecture for enterprise-wide access control

ACM Transactions on Information and System Security

Volumn 8, Issue 2, 2005, Pages 187-227

  Bhatti, Rafae ^a   Ghafoor, Arif ^a   Bertino, Elisa ^a,c   Joshi, James B D ^b  

^a PURDUE UNIVERSITY   (United States)

^b UNIVERSITY OF PITTSBURGH   (United States)

^c Purdue University   (United States)

Author keywords

Role based access control; Secure enterprises; XML

Indexed keywords

ROLE-BASED ACCESS CONTROL; SECURE ENTERPRISES; SOFTWARE ARCHITECTURE; USER-TO-ROLE ASSIGNMENT (UA);

COMPUTER HARDWARE DESCRIPTION LANGUAGES; COMPUTER SOFTWARE; DISTRIBUTED COMPUTER SYSTEMS; JAVA PROGRAMMING LANGUAGE; MATHEMATICAL MODELS; XML;

SECURITY OF DATA;

EID: 23244445557     PISSN: 10949224     EISSN: None     Source Type: Journal    
DOI: 10.1145/1065545.1065547     Document Type: Review

References (36)

1. BACON, J., MOODY, K., AND YAO, W. 2002. A model of OASIS role-based access control and its support for active security. ACM Transactions on Information and System Security, 5, 4 (Nov.).
2. BERTINO, E., BETTINI, C., FERRARI, E., AND SAMARATI, P. 1998. An access control model supporting periodicity constraints and temporal reasoning. ACM Transactions on Database Systems 23, 3 (Sept).
3. BERTINO, E., BONATTI, P., AND FERRARI, E. 2001. TRBAC: A temporal role-based access control model. ACM Transactions on Information and System Security 4, 3 (Aug.).
4. BERTINO, E., CASTANO, S., AND FERRARI, E. 2001. Securing XML documents with author X. IEEE Internet Computing 5, 3 (May-June).
5. BERTINO, E., CASTANO, S., FERRARI, E., AND MESITI, M. 1999a. Controlled access and dissemination of XML documents. In Workshop on Web Information and Data Management, Kansas City, MI, Nov. 2-6.
6. BERTINO, E., FERRARI, E., AND ATLURI, V. 1999b. The specification and enforcement of authorization constraints in workflow management systems. ACM Transactions on Information and System Security 2, 1 (Feb.).
7. BHATTI, R. 2003. X-GTRBAC: An XML-based policy specification framework and architecture for enterprise-wide access control. Masters Thesis, Purdue University. Available as CERIAS Technical Report 2003-27.
8. BHATTI, R., BERTINO, E., AND GHAFOOR, A. 2004a. Towards Improved Federated Identity and Privilege Management in Open Systems. CERIAS Technical Report 2004-32.
9. BHATTI, R., JOSHI, J. B. D., BERTINO, E., AND GHAFOOR, A. 2004b. XML-based RBAC policy specification for secure Web-services. IEEE Computer 37, 4 (Apr.).
10. BHATTI, R., JOSHI, J. B. D., BERTINO, E., AND GHAFOOR, A. 2004c. X-GTRBAC admin: A decentralized adminstration model for enterprise wide access control. In Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, Yorktown, Heights, NY, June 2-4.
11. FERRAIOLO, D. F., BARKLEY, J. F., AND KUHN, D. R. 1999. A role based access control model and reference implementation within a corporate Intranet. ACM Transactions on Information and System Security 2, 1 (Feb.).
12. FERRAIOLO, D. F., GILBERT, D. M., AND LYNCH, N. 1993. An examination of federal and commercial access control policy needs. In Proceedings of NISTNCSC National Computer Security Conference, Baltimore, MD, Sept. 20-23.
13. FERRAIOLO, D. F., SANDHU, R., GAVRILA, S., RICHARD KUHN, D., AND CHANDRAMOULI R. 2001. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security 4, 3 (Aug.).
14. FERRAIOLO, D., SANDHU, R., GAVRILA, S., KUHN, R., AND CHANDRAMOULI, R. 2000. The NIST model for role-based access control: Towards a unified standard. In Proceedings of the 5th ACM Workshop on Role-Based Control, Berlin, Germany, July 26-28.
15. GAVRILA, S. I. AND BARKLEY, J. F. 1998. Formal specification for role based access control user/role and role/role relationship management. In Proceedings of the 3rd ACM Workshop on Role-Based Access Control, Fairfax, VA, Oct. 22-23.
16. IBM. Why XML schema beats DTDs hands-down for data, http://www-106.ibm. com/developerworks/xml/library/x-sbsch.html.
17. IIES. Purdue reference model for computer integrated manufacturing. http://iies.www.ecn.purdue.edu/IIES/PLAIC/PERA/ReferenceModel/index.html.
18. ISO. 1986. Standard Generalized Markup Language (SGML). ISO 8879. Information Processing - Text and Office Systems - Standard Generalized Markup Language (SGML).
19. JAVA COMMERCE. XML tutorial. http://www.javacommerce.com/tutorial/xmlj/ intro.htm.
20. JTENENBG. Overview of enterprise computing, http://faculty.washington. edu/jtenenbg/courses/455/s02/sessions/ec_overview.ppt.
21. JOSHI, J. B. D., BERTINO, E., LATIF, U., AND GHAFOOR, A. 2005. A generalized temporal role based access control model (GTRBAC). IEEE Transaction on Knowledge and Data Engineering 17, 1 (Jan.).
22. Also available as CERIAS Technical Report 2001-47.
23. JOSHI, J. B. D., GHAFOOR, A., AREF, W., AND SPAFFORD, E. H. 2001. Digital government security infrastructure design challenges. IEEE Computer 34, 2 (Feb.).
24. KERN, A. 2002. Advanced features for enterprise-wide role-based access control. In Annual Computer Security Applications Conference, Las Vegas, NV, Dec. 9-13.
25. NIEZETTE, M. AND STEVENNE, J. 1992. An efficient symbolic representation of periodic time. In Proceedings of 1st International Conference on Information and Knowledge Management, Baltimore, MD, Nov. 8-11.
26. OSBORN, S. L., SANDHU, R., AND MUNAWER, Q. 2000. Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Transactions on Information and System Security 3, 2 (Feb.).
27. SANDHU, R., COYNE, E. J., FEINSTEIN, H. L., AND YOUMAN, C. E. 1996. Role based access control models. IEEE Computer 29, 2 (Feb.).
28. VUONG, N. N., SMITH, G. S., AND DENG, Y. 2001. Managing security policies in a distributed environment using eXtensible markup language (XML). In Symposium on Applied Computing, Las Vegas, NV, Mar. 11-14.
29. W3SOAP. Simple object access protocol (SOAP) 1.1. http://www.w3.org/TR/ SOAP/.
30. W3. W3C XML schema. www.w3.org/XML/Schema.
31. WEB REFERENCE. Web services XML's role, http://www.webreference.com/js/ tips/011028.html.
32. XML. 2000. eXtensible Markup Language (XML) 1.0 (Second). W3C Recommendation 6 October 2000. http://www.w3.org/TR/REC-xml.
33. XML COVERPAGES. 2003a. XACML 1.0 specification, http://xml.coverpages. org/ni2003-02-11-a.html.
34. XML COVERPAGES. 2003b. SAML 1.0 specification, http://xml.coverpages.org/ ni2003-05-27-b.html.
35. XML COVERPAGES. 2004. OASIS RBAC announcement, http://xml.coverpages.org/ ni2004-04-05-a.html.
36. XPATH. 2002. XML Path Language (XPath) 2.0. Working Draft 16 August 2002. http://www.w3.org/TR/xpath20/.