Authrule: A generic rule-based authorization module

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 4127 LNCS, Issue , 2006, Pages 267-281

  Busch, Sönke ^a   Muschall, Björn ^b   Pernul, Gönther ^b   Priebe, Torsten ^a  

^a Booz Allen Hamilton GmbH ^*  (Austria)

^b UNIVERSITY OF REGENSBURG   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER SOFTWARE; COPYRIGHTS; DATA PRIVACY; DECISION MAKING; LOGIC PROGRAMMING; SECURITY OF DATA; SOFTWARE ARCHITECTURE;

AUTHORIZATION DECISION; AUTHORIZATION MODULE; RULE-BASED SYSTEMS; SOFTWARE ARCHITECTURE; ARBITRARY MODELS; ATTRIBUTE BASED ACCESS CONTROL; AUTHORIZATION MODEL; CONTROL PROCESS; GENERIC RULES; MILITARY FIELDS; RULE BASED TECHNOLOGIES;

SECURITY OF DATA; ACCESS CONTROL;

EID: 33746703266     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/11805588_19     Document Type: Conference Paper

References (13)

1. Adam, N.R., Atluri, V., Bertino, E., Ferrari, E.: A Content-based Authorization Model for Digital Libraries. IEEE Transactions on Knowledge and Data Engineering, Volume 14, Number 2, March/April 2002.
2. Bertino, E., Catania, B., Ferrari, E., Perlasca, P.: A Logical Framework for Reasoning about Access Control Models. In: ACM Transactions on Information and System Security, Volume 6, Number 1, pp. 71-127, Februar 2003.
3. Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D., and Chandramouli, R.: Proposed NIST Standard for Role-based Access Control. In: ACM Transactions on Information and Systems Security, Volume 4, Number 3, August 2001.
4. Ferrari, E., Adam, N.R., Atluri, V., Bertino, E., Capuozzo, U.: An Authorization System for Digital Libraries. In: VLDB Journal, Volume 11, Number 1, 2002.
5. Enterprise JavaBeans 3.0. Java Specification Request 220 Proposed Final Draft, http://jcp.org/aboutJava/communityprocess/pfd/jsr220/index.html
6. Kagal, L., Finin, T., Joshi, A.: A Policy Based Approach to Security for the Semantic Web. In: Proc. 2nd International Semantic Web Conference (ISWC 2003), Sanibel Island, FL, October 2003.
7. OASIS extensible Access Control Markup Language v2.0 (XACML). http://docs.oasis-open.org/xacml/2.0/access.control-xacml-2.0-core-spec-os.pdf
8. Park, J., Sandhu, R.: The UCONABC Usage Control Model. In: ACM Transactions on Information Systems Security, Volume 7, Number 1, pp. 128-174, February 2004.
9. Priebe, T., Fernandez, E.B., Mehlau, J.I., Pernul, G.: A Pattern System for Access Control. In: Proc. 18th Annual IFIP WG 11.3 Working Conference on Data and Application Security, Sitges, Spain, July 2004.
10. Priebe, T., Dobmeier, W., Muschall, B., Pernul, G.: ABAC - Ein Referenzmodell für attributbasierte Zugriffskontrolle. In: Proc. 2. Jahrestagung Fachbereich Sicherheit der Gesellschaft für Informatik (Sicherheit 2005), Regensburg, Germany, April 2005.
11. Uszok, A. et. al.: KAoS Policy and Domain Services: Toward a Description-Logic Approach to Policy Representation, Deconfliction and Enforcement. In: Proc. 4th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2003), Comersee, Italy, June 2003.
12. Dridi, F., Fischer, M., Pernul, G.: CSAP - An Adaptable Security Module for the E-government System Webocrat. In: Proc. of the 18th IFIP International Information Security Conference (SEC 2003), Athens, Greece, May 2003.
13. Osborn, S., Sandhu, R., Munawar, Q.: Configuring Role-based Access Control to enforce Mandatory and Discretionary Access Control Policies In: ACM Transactions on Information and System Security (TISSEC), volume 3, pages 85-106, 2000