RBAC '97 Proceedings of the second ACM workshop on Role-based access control
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A semantic-based execution model for multilevel secure workflows
Journal of Computer Security
The design and implementation of the redland RDF application framework
Proceedings of the 10th international conference on World Wide Web
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Three Implementations of SquishQL, a Simple RDF Query Language
ISWC '02 Proceedings of the First International Semantic Web Conference on The Semantic Web
A logical specification for usage control
Proceedings of the ninth ACM symposium on Access control models and technologies
Access Control and Authorization Constraints for WS-BPEL
ICWS '06 Proceedings of the IEEE International Conference on Web Services
Evaluating distributed xacml policies
Proceedings of the 2007 ACM workshop on Secure web services
An Algebra for Composing Ontologies
Proceedings of the 2006 conference on Formal Ontology in Information Systems: Proceedings of the Fourth International Conference (FOIS 2006)
XACML policies for exclusive resource usage
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Secure federation of semantic information services
Decision Support Systems
Hi-index | 0.00 |
The XACML is the access controller of the World Wide Web (WWW). The current reference implementation has a single policy decision point and a policy enforcement point. If XACML policies are used to control workflow among cooperating web services, such as those envisioned in more contemporary languages like (BPEL), it requires coordination to be policy compliant. We propose the necessary enhancements required to do so by passing contextual informationthat are needed for the requester to evaluate an access control decision as opposed to the standard four decision values of permit, deny, indeterminate to make a decisionand an unforeseeable error occurred during evaluation. Proposed contextual information is sufficient to coordinate and if necessary synchronize among coordinating policy enforcement points distributed among the WWW. We show how the contextual information can be constructed and verified using the Resource Description Framework (RDF) and the coordination implemented using BPEL.