Extending XACML for Open Web-based Scenarios
نویسندگان
چکیده
Traditional access control solutions, based on preliminary identification and authentication of the access requester, are not adequate for open Web service systems, where servers generally do not have prior knowledge of the requesters. In this paper, we provide some extensions to the eXtensible Access Control Markup Language (XACML), which is the most significant and emerging solution for controlling access in an interoperable and flexible way, to make it easily deployable and suitable for open Web-based systems.
منابع مشابه
dDelega: Trust Management for Web Services
In the context of Web services, access control presents some interesting challenges, especially when services are exposed to a global audience, with users accessing them from different systems and under different security settings. A decentralized approach to access control, which can be applied to such open environments, is represented by Trust Management. In fact, it is based on the peer-to-p...
متن کاملDeploying Access Control using Extended XACML in Open Web Service Environment
Now a days web services have a greater role in development of software systems. Generally, web server wants to determine which access can be granted and communicate with requesterfor open web service environment. These systems are designed to be open and web servers does not have determined conditions for communicate to the access requester. Such consideration makes traditional access control n...
متن کاملA Logic-Based Framework for Web Access Control Policies
Title of dissertation: A LOGIC-BASED FRAMEWORK FOR WEB ACCESS CONTROL POLICIES Vladimir Kolovski, Doctor of Philosophy, 2008 Dissertation directed by: Professor James Hendler Department of Computer Science With the widespread use of web services, there is a need for adequate security and privacy support to protect the sensitive information these services could provide. As a result, there has be...
متن کاملExtending XACML to support Credential Based Hybrid Access Control
Various research efforts are in progress to enforce credential based access control using XACML standard. The current standard of XACML supports attribute based access control [4,5,9,19]. While XACML accepts certified attributes through digital certificates, it does not support credential based access control in which the access conditions are defined not only in terms of credential attributes ...
متن کاملFormalizing XACML Using Defeasible Description Logics
XACML has emerged as a popular access control language on the Web, but because of its rich expressiveness, it has proved difficult to analyze in an automated fashion. Previous attempts to analyze XACML policies either use propositional logic or full First-Order logic. In this paper, we present a formalization of XACML using Description Logics (DL) . This formalization allows us to extend the su...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009