Advantages of a non-technical XACML notation in role-based models

2011 9th Annual International Conference on Privacy, Security and Trust, PST 2011

Volumn , Issue , 2011, Pages 193-200

  Stepien, Bernard ^a   Matwin, Stan ^b   Felty, Amy ^c  

^a UNIVERSITY OF OTTAWA   (Canada)

^b Devera Logic Inc   (Canada)

^c INSTITUTE OF COMPUTER SCIENCE   (Poland)

Author keywords

access control; notation; PDP performance; XACML

Indexed keywords

ATTRIBUTE BASED ACCESS CONTROL; COMPLEX CONDITION; CONFLICT DETECTION; DECENTRALIZED ACCESS CONTROL; EXPRESSIVE POWER; MULTIPLE APPLICATIONS; NOTATION; PDP PERFORMANCE; POLICY DEVELOPMENT; ROLE-BASED MODELS; RULE FORMATS; WRITE POLICIES; XACML;

SECURITY SYSTEMS;

ACCESS CONTROL;

EID: 80052089327     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/PST.2011.5971983     Document Type: Conference Paper

References (28)

1. B. Stepien, A. Felty, and S. Matwin, A non-technical user-oriented display notation for XACML conditions, E-Technologies: Innovation in an Open World, in Proc. of the 4th International MCeTech Conference, Springer LNBIP 26, 2009.
2. XACML, OASIS standard, http://www.oasisopen.org/committees/tc-home.php? wg-abbrev=xacml
3. XACML Profile for Role Based Access Control (RBAC), 2004, http://docs.oasis-open.org/xacml/cd-xacml-rbac-profile-01.pdf.
4. D. F. Ferraiolo, D. R. Kuhn, Role-Based Access Control, in Proc. of the 15th National Computer Security Conference, pages 554-563,1992.
5. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, C. E. Youman, Role-Based Access Control Models, in IEEE Computer, 29(2):38-47, 1996.
6. A. Schaad, J. Moffett, J. Jacob, The Role-Based Access Control System of a European Bank: A Case Study and Discussion, in Proc. of the 6th ACM Symposium on Access Control Models and Technologies, pages 3- 9, 2001.
7. A. Lin, Integrating Policy-Driven Role Based Access Control With The Common Data Security Architecture, Technical Report, HP Laboratories, HPL-1999-59, 1999.
8. R. Kuhn, E. J. Coyne, T. R. Weil, Adding Attributes to Role-Based Access Control, in IEEE Computer, 43(6):79-81, 2010.
9. D. Ferraiolo, R. Kuhn, R. Sandhu, RBAC Standard Rationale, in IEEE Security & Privacy, 5(6):51-53, 2007.
10. R. Chandramouli, Application of XML Tools for Enterprise-Wide RBAC Implementation Tasks, in Proc. of the 5th ACM Workshop on Role-Based Access Control, 2000.
11. S. Barker, P. J. Stuckey, Flexible Access Control Policy Specification with Constraint Logic Programming, in ACM Transactions on Information and System Security, 6(4):501-546, 2003.
12. M. A. C. Dekker, J. Cerderquist, J. Crampton, S. Etalle, Administrative Privileges in RBAC, in !st Benelux Workshop on Information and System Security, 2006.
13. J. K. Adams, A Service-Centric Approach to a Parameterized RBAC Service, in Proc. of the 5th WSEAS International Conference on Applied Computer Science, 2006.
14. A survey of Access Control Models, workshop material of Privilege (Access) Management Workshop, http://csrc.nist.gov/news-events/privilege- managementworkshop/PvM-Model-Survey-Aug26-2009.pdf, 2009.
15. T. Priebe, W. Dobmeier, C. Schläger, N. Kamprath, Supporting Attribute-based Access Control in Authorization and Authentication Infrastructures with Ontologies, in Journal of Software, 2(1):27038, 2007.
16. T. Priebe, W. Dobmeier, B. Muschall, G. Pernul, ABAC-Ein Referenzmodell für attributebasierte Zugriffskontrolle, in Proc. of Sicherheit, 2005.
17. G. Bayer, D. Sengupta, T. Wang, A. Vogt, PrplAc: Attribute-based Access Control in PRPL for Fine Grained Information Sharing using Semantic Web, Technical Report, http://senguptas.org/Documents/cs343-PrplAc.pdf.
18. H. Shen, F. Hong, An Attribute-Based Access Control Model for Web Services, in Proc. of the 7th International Conference on Parallel and Distributed Computing, Applications and Technologies, pages 74-79, 2006. (Pubitemid 351209615)
19. M. Cheaito, R. Laborde, F. Barrère, A. Benzekri, A deployment framework for self-contained policies, in Proc. of the 6th International Conference on Network and Service Management, 2010.
20. L. Wang, D. Wijesekera, S. Jajodia, A Logic-based Framework for Attribute based Access Control, in Proc. of the 2004 ACM Workshop on Formal Methods in Security Engineering, pages 45-55, 2004. (Pubitemid 40821073)
21. C. A. Ardagna, S. De Capitani di Vimercati, S. Paraboschi, E. Pedrini, P. Samarati, An XACML-Based Privacy-Centered Access Control System, in Proc. of the 1st ACM Workshop on Information Security Governance, pages 49-58, 2009.
22. Sonia Jahid, Imranul Hoque, Hamed Okhravi, Carl A. Gunter, Enhancing Database Access Control with XACML Policy, poster at 16th ACM Conference on Computer and Communications Security, http://www.cs.illinois.edu/homes/sjahid2/ pub/myabdac-ccs09-abstract-JahidHOG.pdf, 2009.
23. B. Stepien, A. Felty, S. Matwin, Strategies for Reducing Risks of Inconsistencies in Access Control Policies, in Proc. of 5th International Conference on Availability, Reliability, and Security, pages 140-147, 2010.
24. M. Cheaito, R. Laborde, F. Barrère, A. Benzekri, An extensible XACML authorization decision engine for context aware applications, in Joint Conferences on Pervasive Computing, pages 377-382, 2009 .
25. F. Turkmen, B. Crispo, Performance Evaluation of XACML PDP Implementations, in Proc. of the 2008 ACM Workshop on Secure Web Services, p. 37-44, 2008.
26. B. Butler, B. Jennings, D. Botvich, XACML Policy Performance Evaluation Using a FlexibleLoad Testing Framework, in Proc. of the 17th ACM Conference on Computer and Communications Security, pages 648-650, 2010.
27. SunXACML, url: http://sunxacml.sourceforge.net/, last access February 2010.
28. H. Shen, F. Hong, An Attribute-Based Access Control Model for Web Services, in Proc. of the 7th International Conference on Parallel and Distributed Computing, Applications and Technologies, pages 74-79, 2006. (Pubitemid 351209615)