A role-based XACML administration and delegation profile and its enforcement architecture

Authors:
Min Xu;Duminda Wijesekera
Affiliations:
George Mason University, Fairfax, VA, USA;George Mason University, Fairfax, VA, USA
Venue:
Proceedings of the 2009 ACM workshop on Secure web services
Year:
2009

Citing 13
Cited 2

Role-Based Access Control Models

Computer
A rule-based framework for role based delegation

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
ACM SIGAda Ada Letters

ACM SIGAda Ada Letters
PBDM: a flexible delegation model in RBAC

Proceedings of the eighth ACM symposium on Access control models and technologies
Framework for role-based delegation models

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Constrained Delegation

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A Practically Implementable and Tractable Delegation Logic

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Role-based cascaded delegation

Proceedings of the ninth ACM symposium on Access control models and technologies
Policy Administration Control and Delegation Using XACML and Delegent

GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
Secure delegation for distributed object environments

COOTS'98 Proceedings of the 4th conference on USENIX Conference on Object-Oriented Technologies and Systems - Volume 4
Towards Session-Aware RBAC Administration and Enforcement with XACML

POLICY '09 Proceedings of the 2009 IEEE International Symposium on Policies for Distributed Systems and Networks
Adding support to XACML for dynamic delegation of authority in multiple domains

CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security

A comprehensive privacy-aware authorization framework founded on HIPAA privacy rules

Proceedings of the 1st ACM International Health Informatics Symposium
Enforcing spatio-temporal access control in mobile applications

Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

The OASIS technical committee published the XACML v3.0 administration and delegation profile (XACML-Admin) working draft on 16 April 2009 [3] in order to provide policy administration and dynamic delegation services to the XACML runtime. We enhance this profile by adding role-based delegation by amalgamating the proposed profile with the XACML-ARBAC profile proposed in [19]. By doing so, we improve the scalability of the delegation mechanism. Second, we show how XACML-ARBAC enforcement mechanism proposed in [19] can be enhanced to enforce the proposed role-based administration and delegation XACML profile (XACML-ADRBAC), therefore providing a method to enforce the XACML-Admin profile proposed in [3].