A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Analysis of Liberty Single-Sign-on with Enabled Clients
IEEE Internet Computing
A practical study on security of agent-based ubiquitous computing
AAMAS'02 Proceedings of the 2002 international conference on Trust, reputation, and security: theories and practice
An XML-based single sign-on scheme supporting mobile and home network service environments
IEEE Transactions on Consumer Electronics
Behavioral biometrics for persistent single sign-on
Proceedings of the 7th ACM workshop on Digital identity management
Hi-index | 0.00 |
Since mobile and Web applications are integrated, the number of services, a typical mobile user can now access, has greatly increased With a variety of services, a user will be frequently asked to provide his security information to a system This iterative request is one critical problem which can cause frequent transmission of user's security information Another serious problem is how an administrator controls access request of internal users who were authenticated In order to establish effective security scheme for integrated environments, Single Sign-On and access control also need to be integrated In this paper, we propose an XML-based architecture integrating authentication and access control policy in integrated environment to be extended to ubiquitous environment To provide flexibility, extensibility, and interoperability between environments to be integrated, we have implemented an architecture based on SAML and XACML, which are standardized specifications By specifying security policies in XML schema and exchanging security information according to that schema, the proposed architecture offers the opportunities to build standardized schemes for authentication and authorization Additionally, the proposed architecture makes it possible to establish a fine-grained access control scheme by specifying the XML element unit as a target to be protected.