An extended RBAC profile of XACML

Authors:
Diala Abi Haidar;Nora Cuppens-Boulahia;Frederic Cuppens;Herve Debar
Affiliations:
ENST Bretagne, Cedex, France and Telecom R&D, Caen, France;ENST Bretagne, Cedex, France;ENST Bretagne, Cedex, France;Telecom R&D Caen, Caen, France
Venue:
Proceedings of the 3rd ACM workshop on Secure web services
Year:
2006

Citing 13
Cited 3

Role-Based Access Control Models

Computer
The NIST model for role-based access control: towards a unified standard

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Protection in operating systems

Communications of the ACM
Flexible support for multiple access control policies

ACM Transactions on Database Systems (TODS)
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
A logical framework for reasoning about access control models

ACM Transactions on Information and System Security (TISSEC)
Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management

Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Framework for role-based delegation models

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Generalized Role-Based Access Control

ICDCS '01 Proceedings of the The 21st International Conference on Distributed Computing Systems
Analyzing consistency of security policies

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A Generalized Temporal Role-Based Access Control Model

IEEE Transactions on Knowledge and Data Engineering
GEO-RBAC: a spatially aware RBAC

Proceedings of the tenth ACM symposium on Access control models and technologies
Negotiated Security Policies for E-Services and Web Services

ICWS '05 Proceedings of the IEEE International Conference on Web Services

Towards an agent based framework for the design of secure web services

Proceedings of the 2008 ACM workshop on Secure web services
Usage control model specification in XACML policy language

CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management
STRoBAC: spatial temporal role based access control

ICCCI'12 Proceedings of the 4th international conference on Computational Collective Intelligence: technologies and applications - Volume Part II

Quantified Score

Hi-index	0.00

Visualization

Abstract

Nowadays many organizations use security policies to control access to sensitive resources. Moreover, exchanging or sharing services and resources is essential for these organizations to achieve their business objectives. Since the eXtensible Access Control Markup Language (XACML) was standardized by the OASIS community, it has been widely deployed, making it easier to interoperate with other applications using the same standard language. The OASIS has defined an RBAC profile of XACML that illustrates how organizations that would like to use the RBAC model can express their access control policy within this standard language. This work analyzes the RBAC profile of XACML, showing its limitations to respond to all the requirements for access control. We then suggest adding some functionalities within an extended RBAC profile of XACML. This new profile is expected to respond to more advanced access control requirements such as user-user delegation, access elements abstractions and contextual applicability of the policies.