XML-based access control languages

Authors:
C. A. Ardagna;E. Damiani;S. De Capitani di Vimercati;P. Samarati
Affiliations:
Dipartimento di Tecnologie dell'Informazione, Universití degli Studi di Milano 26013 Crema, Italy;Dipartimento di Tecnologie dell'Informazione, Universití degli Studi di Milano 26013 Crema, Italy;Dipartimento di Tecnologie dell'Informazione, Universití degli Studi di Milano 26013 Crema, Italy;Dipartimento di Tecnologie dell'Informazione, Universití degli Studi di Milano 26013 Crema, Italy
Venue:
Information Security Tech. Report
Year:
2004

Citing 8
Cited 3

Role-Based Access Control Models

Computer
Flexible support for multiple access control policies

ACM Transactions on Database Systems (TODS)
Professional Web Services Security

Professional Web Services Security
A uniform framework for regulating service access and information release on the web

Journal of Computer Security
Access Control: Policies, Models, and Mechanisms

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Towards securing XML Web services

Proceedings of the 2002 ACM workshop on XML security
An XPath-based preference language for P3P

WWW '03 Proceedings of the 12th international conference on World Wide Web
Access control: principles and solutions

Software—Practice & Experience - Special issue: Security software

AFPL, an Abstract Language Model for Firewall ACLs

ICCSA '08 Proceedings of the international conference on Computational Science and Its Applications, Part II
Model-Based Development of firewall rule sets: Diagnosing model inconsistencies

Information and Software Technology
A Secure Delegation Model Based on Multi-agent in Pervasive Environments

KES-AMSTA '09 Proceedings of the Third KES International Symposium on Agent and Multi-Agent Systems: Technologies and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

One of the most challenging problems in managing large, distributed, and heterogeneous networked systems is specifying and enforcing security policies regulating interactions between parties and access to services and resources. Recent proposals for specifying and exchanging access control policies adopt XML-based languages. XML appears in fact a natural choice as the basis for the common security-policy language, due to the ease with which its syntax and semantics can be extended and the widespread support that it enjoys from all the main platform and tool vendors. In this chapter, we first investigate the basic concepts behind access control design and enforcement, and point out different security requirements that may need to be taken into consideration in designing an access control language for Internet information systems. We then focus on XML-based access control languages and, in particular, on the eXtensible Access Control Markup Language (XACML), a recent OASIS standardization effort. XACML is designed to express authorization policies in XML against objects that are themselves identified in XML. XACML can represent the functionalities of most policy representation mechanisms.