Certificate chain discovery in SPKI?SDSI
Journal of Computer Security
Principled design of the modern Web architecture
ACM Transactions on Internet Technology (TOIT)
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
KeyNote: Trust Management for Public-Key Infrastructures (Position Paper)
Proceedings of the 6th International Workshop on Security Protocols
PBDM: a flexible delegation model in RBAC
Proceedings of the eighth ACM symposium on Access control models and technologies
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
A rule-based framework for role-based delegation and revocation
ACM Transactions on Information and System Security (TISSEC)
Supporting conditional delegation in secure workflow management systems
Proceedings of the tenth ACM symposium on Access control models and technologies
Secure Interoperation in a Multidomain Environment Employing RBAC Policies
IEEE Transactions on Knowledge and Data Engineering
Fine-grained role-based delegation in presence of the hybrid role hierarchy
Proceedings of the eleventh ACM symposium on Access control models and technologies
Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy
Proceedings of the eleventh ACM symposium on Access control models and technologies
OpenID 2.0: a platform for user-centric identity management
Proceedings of the second ACM workshop on Digital identity management
On mutually exclusive roles and separation-of-duty
ACM Transactions on Information and System Security (TISSEC)
Delegation in role-based access control
International Journal of Information Security
Please Permit Me: Stateless Delegated Authorization in Mashups
ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
Patient controlled encryption: ensuring privacy of electronic medical records
Proceedings of the 2009 ACM workshop on Cloud computing security
Capability-based delegation model in RBAC
Proceedings of the 15th ACM symposium on Access control models and technologies
DAuth: Fine-Grained Authorization Delegation for Distributed Web Application Consumers
POLICY '10 Proceedings of the 2010 IEEE International Symposium on Policies for Distributed Systems and Networks
POAuth: privacy-aware open authorization for native apps on smartphone platforms
Proceedings of the 6th International Conference on Ubiquitous Information Management and Communication
HealthSec'12 Proceedings of the 3rd USENIX conference on Health Security and Privacy
Nephele: Scalable Access Control for Federated File Services
Journal of Grid Computing
Hi-index | 0.00 |
Cross domain resource sharing and collaborations have become pervasive in today's service oriented organizations. Existing approaches for the realization of cross domain access control are either focused on the model level only without concrete implementation mechanisms, or not general enough to provide a flexible framework for enterprise web applications. In this paper, we present xDAuth, a framework for the realization of cross domain access control and delegation with RESTful web service architecture. While focusing on real issues under the context of cross domain access scenarios such as no predefined trust relationship between a service provider domain and service requestor domain, xDAuth leverages existing web technologies to realize desired security requirements while supporting flexible and scalable security policies and privacy protection with low performance overhead. We have implemented xDAuth in a medical module in OpenERP, an open source ERP system. Our evaluation demonstrates that xDAuth is a feasible framework towards general cross domain access control for service oriented architectures.