Attribute-based authentication and authorisation infrastructures for e-commerce providers

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 4082 LNCS, Issue , 2006, Pages 132-141

  Schläger, Christian ^a   Sojer, Manuel ^a   Muschall, Björn ^a   Pernul, Günther ^a  

^a UNIVERSITY OF REGENSBURG   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

ARTIFICIAL INTELLIGENCE; INFORMATION USE; INTERNET; SECURITY OF DATA;

ATTRIBUTE-BASED ACCESS CONTROL (ABAC) MECHANISMS; DYNAMIC ACCESS CONTROL; E-COMMERCE PROVIDERS;

ELECTRONIC COMMERCE;

EID: 33750066953     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/11823865_14     Document Type: Conference Paper

References (19)

1. Alfieri, R., Cecchini, R., Ciaschini, V., dell'Agnello, L., Frohner, Á., Gianoli, A., Lörentey, K., Spataro, F.: VOMS, an Authorization System for Virtual Organizations. European Across Grids Conference 2003, 33-40 (2003).
2. Busch, S., Muschall, B., Pernul, G., Priebe, T.: Authrule: A Generic Rule-Based Authorization Module. In: Proc. of the 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security(IFIP 11.3), France (2006).
3. Cantor, S., Kemp, J.: Liberty ID-FF Protocols and Schema Specification. http://www.projectliberty.org/specs/liberty-idff-protocols-schema-v1.2.pdf (2003).
4. Cantor, S.: Shibboleth Architecture, Protocols and Profiles, Working Draft 05, 23 November 2004. http://shibboleth.internet2.edu/docs/draft-mace- shibboleth-arch-protocols-05.pdf (2004).
5. Castro-Rojo, R., Lopez, D. R.: The PAPI system: point of access to providers of information. Computer Networks 37 6, 703-710 (2001).
6. Chadwick, D. W., Otenko, A.: The PERMIS X.509 role based privilege management infrastructure. Future Generation Comp. Syst. 19 2, 277-289 (2003).
7. Katsikas, S. K., Lopez, J., Pernul, G.: Trust, Privacy and Security in E-business: Requirements and Solutions. 10th Panhellenic Conference on Informatics (2005).
8. Lepro, R.: Cardea: Dynamic Access Control in Distributed Systems. NAS Technical Report NAS-03-020, 1-13 (2003).
9. Lopez, J., Oppliger, R., Pernul, G.: Authentication and Authorization Infrastructures (AAIs): A Comparative Survey. Computers & Security 23 7, 578-590 (2004).
10. Microsoft: Microsoft.NET Passport Review Guide, www.microsoft.com/net/ services/passport/review_guide.asp (2003).
11. OASIS Security Services Technical Committee: Security Assertion Markup Language (SAML). http://www.oasis-open.org/committees/tc_home.php?wg_abbrev= security (2005).
12. OASIS eXtensible Access Control Markup Language Technical Committee: eXtensible Access Control Markup Language (XACML). http://www.oasis-open.org/ committees/tc_home.php?wg_abbrev=xacml (2005).
13. Pearlman, L., Kesselman, C., Welch, V., Foster, I., Tuecke, S.: The Community Authorization Service: Status and Future. 2003 Conference for Computing in High Energy and Nuclear Physics (2003).
14. Priebe, T., Dobmeier, W., Kamprath, N.: Supporting Attribute-based Access Control with Ontologies. 1st International Conference on Availability, Reliability and Security (2006).
15. Schlaeger, C., Pernul, G.: Authentication and Authorisation Infrastructures in b2c e-commerce. Proc. of the 6th International Conference on Electronic Commerce and Web Technologies - EC-Web'05, Denmark, 2005. LNCS 3590, Springer Verlag 2005.
16. Schläger, C., Nowey, T.: Towards a Risk Management Perspective on AAIs. Proc. of the 3rd International Conference on Trust, Privacy, and Security in Digital Business - TrustBus '06, Poland, 2006. LNCS. Springer Verlag 2006.
17. Thompson, M., Essiari, A., Mudumbai, S.: Certificate-based Authorization Policy in a PKJ Environment. ACM Transactions on Information and System Security 6 4, 566-588 (2003).
18. Welch, V., Barton, T., Keahey, K., Siebenlist, F.: Attributes, Anonymity, and Access: Shibboleth and Globus Integration to Facilitate Grid Collaboration. 4th Annual PKJ R&D Workshop (2005).
19. Yuan, E., Tong, J.: Attribute Based Access Control (ABAC) for Web Services. International Conference on Web Services 2005, 561-569 (2005).