Patterns for authentication and authorisation infrastructures

Proceedings - International Workshop on Database and Expert Systems Applications, DEXA

Volumn , Issue , 2007, Pages 755-759

  Erber, Roland ^a   Schläger, Christian ^a   Pernul, Günther ^a  

^a UNIVERSITY OF REGENSBURG   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

ATTRIBUTE-BASED ACCESS CONTROL; E-COMMERCE; HIGH-QUALITY STANDARDS; IN-LINE; OPEN STANDARDS; SECURITY PATTERNS; SECURITY SERVICES; SOFTWARE DEVELOPMENT CYCLES;

ACCESS CONTROL; ADMINISTRATIVE DATA PROCESSING; ARTIFICIAL INTELLIGENCE; AUTHENTICATION; DECISION SUPPORT SYSTEMS; ELECTRONIC COMMERCE; EXPERT SYSTEMS; MANAGEMENT INFORMATION SYSTEMS; STANDARDS;

DATABASE SYSTEMS;

EID: 47849127635     PISSN: 15294188     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/DEXA.2007.4     Document Type: Conference Paper

References (17)

1. C. Schläger and G. Pernul, "Authentication and Authorisation Infrastructures in b2c E-Commerce", Proc. of the International Conference on E-Commerce and Web Technologies (EC-Web'05), Copenhagen, Denmark, Lecture Notes in Computer Science (LNCS), Vol. 3590, Copenhagen, Denmark, 2005.
2. J. Yoder and J. Barcalow, "Architectural patterns for enabling application security", in Pattern Languages of Program Design, vol. 4, B. F. N. Harrison, and H. Rohnert, Ed. Harlow, England: Addison-Wesley, 2000.
3. M. Schumacher, E. B. Fernández, D. Hybertson, F. Buschmann, and P. Sommerlad, Security Patterns: Integrating Security and Systems Engineering: John Wiley & Sons, 2006.
4. J. Lopez, R. Oppliger, and G. Pernul, "Authentication and authorization infrastructures (AAIs): a comparative survey", Computers & Security, vol. 23, pp. 578-590, 2004.
5. C. Schläger, T. Nowey, and J. A. Montenegro, "A reference model for Authentication and Authorisation Infrastructures respecting privacy and flexibility in b2c E-Commerce", Proc. of the 1st International Conference on Availability, Reliability and Security (ARES 2006), Vienna, Austria, Vienna, Austria, 2006.
6. C. Schläger, M. Sojer, B. Muschall, and G. Pernul, "Attribute-Based Authentication and Authorisation Infrastructures for E-Commerce Providers", Proc. of the International Conference on E-Commerce and Web Technologies (EC-Web'06), Krakow, Poland, Lecture Notes in Computer Science (LNCS), Vol. 4082, Krakow, Poland, 2006.
7. OASIS Security Services Technical Committee, "Security Assertion Markup Language (SAML)", 2005, online: http://www.oasis-open.org/ committees/tc_home.php?wg_abbrev=security.
8. OASIS eXtensible Access Control Markup Language Technical Committee, "eXtensible Access Control Markup Language (XACML)", 2005, online: http://www.oasis-open. org/committees/tc_home.php?wg_abbrev=xacml.
9. A. Anderson and H. Lockhart, "SAML 2.0 profile of XACML v2.0 (OASIS Standard)", 2005, online: http://docs.oasis-open.org/xacml/2.0/ access_control-xacml-2.0-saml-profile-spec-os.pdf.
10. E. B. Fernandez, N. Delessy, and M. M. Larrondo-Petrie, "Patterns for Web Services Security", Proc. of the 4th Intl. Workshop on Service-Oriented Architecture and Web Services, part of OOPSLA 2006, Portland, Oregon, USA, 2006.
11. N. Delessy, E. B. Fernández, and M. M. Larrondo-Petrie, "A Pattern Language for Identity Management", 2nd IEEE Int. Multiconference on Computing in the Global Information Technology (ICCGI 2007), Guadeloupe, French Caribbean, 2007.
12. P. Morrison and E. B. Fernandez, "The Credential Pattern", Pattern Languages of Programs (PLoP 2006) conference, Portland, Oregon, USA, 2006.
13. E. B. Fernández, "Two patterns for web services security", Proc. International Symposium on Web Services and Applications (ISWS'04), Las Vegas, NV, Las Vegas, NV, USA, 2004.
14. T. Priebe, E. B. Fernández, J. I. Mehlau, and G. Pernul, "A Pattern System for Access Control", Proc. of the Annual IFIP WG 11.3 Working Conference on Data and Application Security Sitges, Spain, 2004.
15. C. Steel, R. Nagappan, and R. Lai, Core security patterns: best practices and strategies for J2EE, Web services, and identity management. Upper Saddle River, NJ: Prentice Hall PTR, 2006.
16. E. B. Fernandez and G. Pernul, "Patterns for Session-Based Access Control", Proc. of the Intl. Conference on Pattern Languages of Programming (PLoP'06), Portland, Oregon, USA, 2006.
17. N. Delessy and E. B. Fernández, "Patterns for the eXtensible Access Control Markup Language", Proc. of the Pattern Languages of Programs Conference (PloP 2005), Allerton Park, IL, USA, 2005.