Web presence has become a key consideration for the majority of companies and other organizations. Besides being an essential information delivery tool, the Web is increasingly being regarded as an extension of the organization itself, directly integrated with its operating processes. As this transformation takes place, security grows in importance. IBM Tivoli Access Manager offers a shared infrastructure for authentication and access management, technologies that have begun to emerge in the commercial marketplace. This paper describes the Authorization Service provided by IBM Tivoli Access Manager for e-business (AM) and its use by AM family members as well as third-party applications. Policies are defined over a protected object namespace and stored in a database, which is managed via a management console and accessed through an Authorization API. The protected object namespace abstracts from heterogeneous systems and thus enables the definition of consistent policies and their centralized management. ACL inheritance and delegated management allow these policies to be managed efficiently. The Authorization API allows applications with their own access control requirements to decouple authorization logic from application logic. Policy checking can be externalized by using either a proxy that sits in front of the Web servers and application servers or a plug-in that examines the request. Thus, AM family members establish a single entry point to enforce enterprise policies that regulate access to corporate data.