Offline Expansion of XACML Policies Based on P3P Metadata

نویسندگان

  • Claudio Agostino Ardagna
  • Ernesto Damiani
  • Sabrina De Capitani di Vimercati
  • Cristiano Fugazza
  • Pierangela Samarati
چکیده

In the last few years XML-based access control languages like XACML have been increasingly used for specifying complex policies regulating access to network resources. Today, growing interest in semanticWeb style metadata for describing resources and users is stimulating research on how to express access control policies based on advanced descriptions rather than on single attributes. In this paper, we discuss how standard XACML policies can handle ontology-based resource and subject descriptions based on the standard P3P base data schema. We show that XACML conditions can be transparently expanded according to ontology-based models representing semantics. Our expansion technique greatly reduces the need for online reasoning and decreases the system administrator’s effort for producing consistent rules when users’ descriptions comprise multiple credentials with redundant attributes.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Offline Expansion of XACML Policies

In the last few years XML-based access control languages like XACML have been increasingly used for specifying complex policies regulating access to network resources. Today, growing interest in Semantic-Web style metadata for describing resources and users is stimulating research on how to express access control policies based on advanced descriptions rather than on single attributes. In this ...

متن کامل

Policy Refinement Checking ( Extended

We introduce refinement checking for privacy policies expressed in P3P and XACML. Our method involves a translation of privacy policies to a set of process specifications in CSP, which describe how the privacy policy is enforced. The technique is described through an example involving medical data collected by a biobank.

متن کامل

EnCoRe: Ensuring Consent and Revocation

We introduce refinement checking for privacy policies expressed in P3P and XACML. Our method involves a translation of privacy policies to a set of process specifications in CSP, which describe how the privacy policy is enforced. The technique is described through an example involving medical data collected by a biobank.

متن کامل

Ontology based Specification of Web Service Policies

An ever-growing number of XML-based languages are used to describe Web Service related issues such as security (WS-Security Policy), access control (XACML), or privacy (P3P-WS). While it is desirable to specify policies in a declarative way, these languages expose great diversity in both syntax and semantics making it hard to realize a unified system. Our contribution to this problem is twofold...

متن کامل

Privacy Policy Negotiation at User’s Side Based on P3P Tag Value Classification

Concerns of users about privacy of their personal data are of higher and higher importance to online Service Providers (SPs), as they turn into a major barrier for broad acceptance by users of services that are known to collect and utilize their personal data. With the P3P standard (Platform for Privacy Preferences), in the context of web-based applications, users are allowed to keep control ov...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2005