RBAC Policies in XML for X.509 Based Privilege Management
نویسندگان
چکیده
This paper describes a role based access control policy template for use by privilege management infrastructures where the roles are stored as X.509 Attribute Certificates in an LDAP directory. There is a brief description of the X.509 privilege management model, and how it can be used to implement RBAC. Policies that conform to the template are written in XML, and the template is specified as a DTD. (A future version will specify it as an XML schema). The policy is designed to be used by the PERMIS API, a Java specification for an Access Control Decision Function based on the ISO 10181 Access Control Framework and the Open Group’s AZN API.
منابع مشابه
Designing Access Control Model and Enforcing Security Policies Using Permis for a Smart Item E-health Scenario
Sensor networks in medical applications are the edge component of the health care system. This type of network comprises a significant number of different sensor devices called smart items which are tightly connected and interacts continuously. Smart items measure the values of different health variables and send them through suitable communication interface. Measured data forms a crucial part ...
متن کاملUNSPECIFIED Multi-session Separation of Duties (MSoD) for RBAC
Separation of duties (SoD) is a key security requirement for many business and information systems. Role Based Access Controls (RBAC) is a relatively new paradigm for protecting information systems. In the ANSI standard RBAC model both static and dynamic SoD are defined. However, static SoD policies assume that the system has full control over the assignment of all roles to users, whilst dynami...
متن کاملSecure Role Based Messaging
This paper describes a secure role based messaging system design based on the use of X.509 Attribute Certificates for holding user roles. Access to the messages is authorised by the PERMIS Privilege Management Infrastructure, a policy driven role based access control (RBAC) infrastructure, which allows the assignment of roles to be distributed between trusted issuing authorities, and allows a c...
متن کاملXML Based X.509 Authorization in CERNET Grid
This paper presents an authorization solution for resource management and control developing as a part of the China Education and Research Network (CERNET) to perform fine-grained authorization of job and resource management requested in the Grid environment which meets the Fusion-Grid’s security needs in large scale networks such as CERNET. It integrates the GT2 job manager and X.509 authoriza...
متن کاملI Mproved & E Xtended - Rbac ( Jv - Rbac ) M Odel with X . 509 a Uthentication
Role-based access control models have attracted appreciable research interest in past time due to their providing some flexibility to security management and ability to model organizational structure and their capability to reduce administrative expenses. In this paper, we explains the drawbacks of RBAC96 model in the aspect of the authorization, access rules and fine-grain access controls in t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2002