A Network Access Control Approach Based on the AAA Architecture and Authorization Attributes

Authors:
Gabriel Lopez;Antonio F. Gomez;Rafael Marin;Oscar Canovas
Affiliations:
University of Murcia, Spain;University of Murcia, Spain;University of Murcia, Spain;University of Murcia, Spain
Venue:
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
Year:
2005

Citing 2
Cited 5

Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
Authorization and Charging in Public WLANs Using FreeBSD and 802.1x

Proceedings of the FREENIX Track: 2002 USENIX Annual Technical Conference

Automatic enforcement of location aware user based network access control policies

TELE-INFO'08 Proceedings of the 7th WSEAS International Conference on Telecommunications and Informatics
Location aware self-adapting firewall policies

WSEAS TRANSACTIONS on COMMUNICATIONS
Use of XACML Policies for a Network Access Control Service

Proceedings of the 2005 conference on Applied Public Key Infrastructure: 4th International Workshop: IWAP 2005
Policy-based integration of user and provider-sided identity management

ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
A heterogeneous network access service based on PERMIS and SAML

EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure

Quantified Score

Hi-index	0.00

Visualization

Abstract

Network access control mechanisms constitute an increasingly needed service, when communications are becoming more and more ubiquitous thanks to some technologies such as wireless networks or Mobile IP. This paper presents a particular scenario where access rules are based not only on the identity of the different users, but also on authorization data related to those users. In order to accomplish this general goal, it will be necessary to add to the traditional systems specific services for authentication and authorization, and also some entities able to manage the information related to identity, roles and permissions. Network access will be based on the 802.1X framework and the AAA architecture, as they constitute the basis for most of the existing proposals for limiting the access to a restricted network. Those proposals will be extended using an authorization infrastructure based on SAML statements, the RBAC model, and XACML as the language for expressing authorization policies.