Policy-Based Management (PBM) has been considered a promising approach for the design and enforcement of access management policies for distributed systems. The increasing shift toward federated information sharing in the organizational landscape, however, calls for revisiting current PBM approaches to satisfy the unique security requirements of the federated paradigm. This presents a twofold challenge for the design of a PBM approach, where, on the one hand, the policy must incorporate the access management needs of the individual systems, while, on the other hand, the policies across multiple systems must be designed in such a manner that they can be uniformly developed, deployed, and integrated within the federated system. In this paper, we analyze the impact of security management challenges on policy design and formulate a policy engineering methodology based on principles of software engineering to develop a PBM solution for federated systems. We present X-FEDERATE, a policy engineering framework for federated access management using an extension of the well-known Role-Based Access Control (RBAC) model. Our framework consists of an XML-based policy specification language, its UML-based meta-model, and an enforcement architecture. We provide a comparison of our framework with related approaches and highlight its significance for federated access management. The paper also presents a federation protocol and discusses a prototype of our framework that implements the protocol in a federated digital library environment.