Principled design of the modern Web architecture
ACM Transactions on Internet Technology (TOIT)
Role-Based Access Control With X.509 Attribute Certificates
IEEE Internet Computing
A network access control approach based on the AAA architecture and authorization attributes
Journal of Network and Computer Applications
Hi-index | 0.00 |
We are experiencing the emergence of federated approaches to resource sharing. In these approaches, trust links are established among different autonomous organizations in order to grant users in any of them access to shared resources with a single identity, stated by the organization the user belongs to. However, some of those federations are working using different schemas for representing user attributes, both from a semantic and a syntax point of view. This fact makes difficult the interoperability of heterogeneous federations based on different authorization systems. The work presented in this paper benefits from an existing proposal for building confederations, eduGAIN, to address that issue. As we will see, it will be necessary a way to establish the relationships between attributes and technologies from different federations and to define how those relationships can be published and managed. We present the required conversion policy, the entities in charge of the conversion process, and the communication protocols for conversion requests and for publishing the policies.