Scalable Access Policy Administration (Invited Paper): Opinions and a Research Agenda

IFIP Advances in Information and Communication Technology

Volumn 193, Issue , 2005, Pages 355-370

  Rosenthal, Arnon ^a  

^a MITRE CORPORATION   (United States)

Author keywords

access policy; Policy administration; privacy; role based access control; scale; security; semantic web; simplicity

Indexed keywords

ACCESS POLICIES; POLICY ADMINISTRATIONS; ROLE-BASED ACCESS CONTROL; SCALE; SECURITY; SIMPLICITY;

DATA PRIVACY; FINANCE; INDUSTRY; SEMANTIC WEB;

INFORMATION SYSTEMS;

EID: 84883218846     PISSN: 18684238     EISSN: None     Source Type: Book Series    
DOI: None     Document Type: Article

References (19)

1. [AC] V. Atluri, S. Chun, An Access Control Model for Geo-spatial Data, IEEE Transactions on Dependable and Secure Systems, October-December, 2004
2. [AS] S. Agrawal, B. Sprick Access Control for Semantic Web Services, IEEE ICSW, 2004
3. [BJBG] R. Bhatti, J. Joshi, E. Bertino, A. Ghafoor, X-GTRBAC Admin: A Decentralized Administration Model for Enterprise Wide Access Control, ACM SACMAT Conference, Yorktown Heights, 2004
4. [BS] E. Bertino, R. Sandhu, Database Security-Concepts, Approaches, and Challenges, IEEE Transactions On Dependable And Secure Computing, January-March 2005
5. [CCF] S. Castano, S. De Capitani di Vimercati, M.G. Fugini, Automated Derivation of Global Authorizations for Database Federations, Journal of Computer Security, 1997
6. [FKC] D Ferraiolo, R. Kuhn, R. Chandramouli, Role Based Access Control, Artech House, 2004
7. [GO] E Gudes and M. Olivier, Security Policies in Replicated and Autonomous Databases, IFIP11.3 Database Security 1998
8. [IJITM] Call For papers Special Issue on: Access Control and Inference Control for the Semantic Web, International Journal of Information Technology and Management (IJITM) http://www.inderscience.com/browse/callpaper.php?callID=189
9. [KF+] L. Kagal, T. Finin, M. Paolucci, N. Srinivasan, and K. Sycara, G. Denker, Authorization and Privacy for Semantic Web Services, IEEE Intelligent Systems, 2004
10. [KKKR] A. Kern, M. Kbhlmann, R. Kuropka, A. Ruthert, A Meta Model for Authorisations in Application Security Systems and their Integration into RBAC Administration, ACM SACMAT Conf. Yorktown Heights, NY 2004.
11. [LMW] N. Li, J. Mitchell, W. Winsborough: Design of a Role-Based Trust-Management Framework. IEEE Symposium on Security and Privacy 2002
12. [Lo] D. Lomet, A Role for Research in the Database Industry, ACM Computing Surveys 28(4es), Dec. 1996
13. [NIST] National Institute of Science and Technology (website) Role Based Access Control http://csrc.nist.gov/rbac/
14. [Oasis] Oasis Consortium, extensible Access Control Markup Language (XACML) and Security Application Markup Language (SAML), http://www.oasis-open.org/
15. [PM] T. Prickett-Morgan, Gartner Says Database Market Continued Its Recovery in 2004, UNIX Guardian, June 9, 2005
16. [QA] L. Qin, V. Atluri, Concept-level Access Control for the Semantic Web, ACM Workshop on XML Security, 2003
17. [RW] A. Rosenthal, M. Winslett Security of Shared Data in Large Systems: State of the Art and Research Directions, Tutorial, ACM SIGMOD Conf, 2004, and VLDB. 2004
18. [TL] M. Tripunitara, N. Li, Comparing the power of access control models, ACM conference on Computer and communications security, 2004
19. [WWJ] L. Wang, D. Wijesekera, S. Jajodia, A Logic-based Framework for Attribute based Access Control, ACM FMSE 2004