A survey on distributed access control systems for web business processes

International Journal of Network Security

Volumn 9, Issue 1, 2009, Pages 61-69

  Koshutanski, Hristo ^a  

^a UNIVERSITY OF MÁLAGA   (Spain)

Author keywords

Distributed access control; Distributed systems security; Security architectures; Web services

Indexed keywords

AUTHORIZATION AND ACCESS CONTROL; DISTRIBUTED ACCESS CONTROLS; DISTRIBUTED RESOURCES; DISTRIBUTED SYSTEMS; DISTRIBUTED SYSTEMS SECURITY; RESEARCH COMMUNITIES; SECURITY ARCHITECTURE; SECURITY CHALLENGES;

ACCESS CONTROL; MIDDLEWARE; SURVEYS; WEB SERVICES; WEBSITES;

NETWORK SECURITY;

EID: 80054063079     PISSN: 1816353X     EISSN: 18163548     Source Type: Journal    
DOI: None     Document Type: Article

References (32)

1. C. Altenschmidt, J. Biskup, U. Flegel, and Y. Karab-ulut, "Secure mediation: Requirements, design, and architecture," Journal of Computer Security, vol. 11, no. 3, pp. 365-398, 2003.
2. R. Au, M. Looi, and P. Ashley, "Cross-domain one-shot authorization using smart cards," in Proceedings of the 7th ACM conference on Computer and communications security, pp. 220-227, ACM Press, 2000.
3. J. Bacon and K. Moody, "Toward open, secure, widely distributed services," Communications of the ACM, vol. 45, no. 6, pp. 59-64, 2002.
4. K. Beznosov, Y. Deng, B. Blakley, C. Burt, and J. Barkley, "A resource access decision service for CORBA-based distributed systems," in Proceedings of 15th IEEE Annual Computer Security Applications Conference (ACSAC'99), pp. 310{319, 1999.
5. M. Blaze, J. Feigenbaum, J. Ioannidis, and A. D. Keromytis, "The role of trust management in distributed systems security," in Secure Internet Programming: Security Issues for Mobile and Distributed Objects, pp. 185-210, Springer-Verlag, 1999.
6. M. Blaze, J. Feigenbaum, and A. D. Keromytis, "KeyNote: Trust management for public-key infrastructures," in Proceedings of 6th International Workshop on Security Protocols, LNCS 1550, pp. 59-63, Springer-Verlag, 1998.
7. M. Blaze, J. Feigenbaum, and J. Lacy, "Decentralized trust management," in Proceedings of IEEE Symposium on Security and Privacy, pp. 164-173, 1996.
8. BPEL4WS, Business Process Execution Language for Web Services (BPEL4WS), 2003 (http://www-106.ibm.com/developerworks/webservices/library/ws-bpel).
9. D. Chadwick, A. Otenko, and E. Ball, "Role-based access control with X.509 attribute certificates," IEEE Internet Computing, vol. 7, no. 2, pp. 62-69, Mar/Apr. 2003.
10. D. W. Chadwick and A. Otenko, "The PERMIS X.509 role-based privilege management infrastructure," in Seventh ACM Symposium on Access Control Models and Technologies, pp. 135-140, 2002.
11. Y.-H. Chu, J. Feigenbaum, B. LaMacchia, P. Resnick, and M. Strauss, "REFEREE: Trust management for Web applications," Computer Networks and ISDN Systems, vol. 29, pp. 953-964, no. 8-13, 1997.
12. J. A. Hine, W. Yao, J. Bacon, and K. Moody, "An architecture for distributed OASIS services," in IFIP/ACM International Conference on Distributed Systems Platforms, pp. 104{120, Springer-Verlag, 2000.
13. W. Johnston, S. Mudumbai, and M. Thompson, "Authorization and attribute certificates for widely distributed access control," in Proceedings of Seventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE '98), pp. 340{345, 1998.
14. N. Li, J. C. Mitchell, and W. H. Winsborough, "Design of a role-based trust-management framework," in Proceedings of IEEE Symposium on Security and Privacy, pp. 119-130, 2002.
15. N. Li, W. H. Winsborough, and J. C. Mitchell, "Distributed credential chain discovery in trust management," Journal of Computer Security, vol. 11, no. 1, pp. 35-86, Feb. 2003.
16. R. Oppliger, A. Greulich, and P. Trachsel, "A distributed certificate management system (DCMS) supporting group-based access controls," in Proceedings of 15th IEEE Annual omputer Security Applications Conference (ACSAC'99), pp. 241-248, 1999.
17. J. S. Park and R. Sandhu, "RBAC on the Web by smart certificates," in Proceedings of the Fourth ACM Workshop on Role-based Access Control, pp. 1{ 9, 1999.
18. SAML, Security Assertion Markup Language (SAML), 2004 (http://www.oasis-open.org/committees/security).
19. K. Seamons and W. Winsborough, Automated Trust Negotiation, Technical report, US Patent and Trademark Office, 2002. IBM Corporation, patent application filed Mar. 7, 2000.
20. SPKI, SPKI Certificate Theory, IETF RFC 2693, 1999.
21. M. Thompson, W, Johnston, S. Mudumbai, G. Hoo, K. Jackson, and A. Essiari, "Certificate-based access control for widely distributed resources," in Proceedings of Eighth USENIX Security Symposium (Security'99), pp. 215-228, Aug. 1999.
22. V. Varadharajan, C. Crall, and J. Pato, "Authorization in enterprise-wide distributed system: a practical design and application," in Proceedings of 14th IEEE Annual Computer Security Applications Conference, pp. 178{189, 1998.
23. V. Varadharajan, C. Crall, and J. Pato, "Issues in the design of secure authorization service for distributed applications," in Global Telecommunications Conference (GLOBECOM'98) The Bridge to Global Integration, vol. 2, pp. 874-879, IEEE Press, 1998.
24. S. Weeks, "Understanding trust management systems," in IEEE Symposium on Security and Privacy (SS&P'01), pp. 94-105, 2001.
25. T. Y. C. Woo and S. S. Lam, "Designing a distributed authorization service," in Proceedings of Seventeenth Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM'98), vol. 2, pp. 419{429, 1998.
26. T. Y. C. Woo and S. S. Lam, "A framework for distributed authorization", in Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 112-118, 1993.
27. WS ConceptualArchitecture, Web Services Conceptual Architecture (WSCA 1.0), May 2001 (http://www-3.ibm.com/software/solutions/webservices/pdf/WSCA.pdf).
28. X.509, The directory: Public-key and attribute certificate frameworks, ITU-T Recommendation X.509:2000(E) j ISO/IEC 9594-8:2001(E), 2001.
29. XACML, eXtensible Access Control Markup Language (XACML), 2004 (http://www.oasis-open.org/committees/xacml).
30. W. Yao, "Fidelis: A policy-driven trust management framework," in iTrust, LNCS 2692, pp. 301-314, Springer-Verlag, 2003.
31. W. Yao, Trust management for widely distributed systems, PhD thesis, University of Cambridge, Computer Laboratory, 15 JJ Thomson Avenue, Cambridge CB3 0FD, United Kingdom, 2004. Appeared as a technical report UCAM-CL-TR-608, ISSN 1476-2986.
32. M. Zurko, R. Simon, and T. Sanfilippo, "A usercentered, modular authorization service built on an RBAC foundation," in Proceedings of the IEEE Symposium on Security and Privacy, pp. 57-71, 1999.