XACML policy integration algorithms

被引:41
|
作者
Mazzoleni, Pietro [1 ]
Crispo, Bruno [2 ,3 ]
Sivasubramanian, Swaminathan [2 ]
Bertino, Elisa [4 ]
机构
[1] Univ Milan, CS Dept, I-20122 Milan, Italy
[2] Vrije Univ Amsterdam, Amsterdam, Netherlands
[3] Univ Trent, Trento, Italy
[4] Purdue Univ, W Lafayette, IN 47907 USA
来源
ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY | 2008年 / 11卷 / 01期
关键词
security; algorithm; XACML; security policies integration; distributed systems; web services; content distributed networks; SOA;
D O I
10.1145/1330295.1330299
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
XACML is the OASIS standard language specifically aimed at the specification of authorization policies. While XACML fits well with the security requirements of a single enterprise (even if large and composed by multiple departments), it does not address the requirements of virtual enterprises in which several autonomous subjects collaborate by sharing their resources to provide better services to customers. In this article we highlight such limitation, and we propose an XACML extension, the policy integration algorithms, to address them. In the article we also present the implementation of a system that makes use of the policy integration algorithms to securely replicate information in a P2P-like environment. In our solution, the data replication process considers the policies specified by both the owners of the data shared and the peers sharing data storage.
引用
收藏
页数:29
相关论文
共 50 条
  • [1] Usage Control Model Specification in XACML Policy Language XACML Policy Engine of UCON
    Um-e-Ghazia
    Masood, Rahat
    Shibli, Muhammad Awais
    Bilal, Muhammad
    COMPUTER INFORMATION SYSTEMS AND INDUSTRIAL MANAGEMENT (CISIM), 2012, 7564 : 68 - 79
  • [2] XACBench: a XACML policy benchmark
    Ahmadi, Shayan
    Nassiri, Mohammad
    Rezvani, Mohsen
    SOFT COMPUTING, 2020, 24 (21) : 16081 - 16096
  • [3] XACBench: a XACML policy benchmark
    Shayan Ahmadi
    Mohammad Nassiri
    Mohsen Rezvani
    Soft Computing, 2020, 24 : 16081 - 16096
  • [4] An XACML Policy Generating Method Based on Policy View
    Lang, Bo
    Zhao, Nan
    Ge, Kun
    Chen, Kai
    2008 3RD INTERNATIONAL CONFERENCE ON PERVASIVE COMPUTING AND APPLICATIONS, VOLS 1 AND 2, 2008, : 295 - 301
  • [5] RSVP policy control using XACML
    Toktar, E
    Jamhour, E
    Maziero, C
    FIFTH IEEE INTERNATIONAL WORKSHOP ON POLICIES FOR DISTRIBUTED SYSTEMS AND NETWORKS, PROCEEDINGS, 2004, : 87 - 96
  • [6] An efficient policy evaluation engine for XACML policy management
    Deng, Fan
    Yu, Zhenhua
    Liu, Wenjing
    Luo, Xiaoqing
    Fu, Yu
    Qiang, Ben
    Xu, Chaoyang
    Li, Zhiwu
    INFORMATION SCIENCES, 2021, 547 : 1105 - 1121
  • [7] Policy Conflict Management using XACML
    Shamoon, Imran
    Rajpoot, Qasim
    Shibli, Awais
    2012 8TH INTERNATIONAL CONFERENCE ON COMPUTING AND NETWORKING TECHNOLOGY (ICCNT, INC, ICCIS AND ICMIC), 2012, : 287 - 291
  • [8] ViSPE: A Graphical Policy Editor for XACML
    Nergaard, Henrik
    Ulltveit-Moe, Nils
    Gjosaeter, Terje
    INFORMATION SYSTEMS SECURITY AND PRIVACY, ICISSP 2015, 2015, 576 : 107 - 121
  • [9] MODALITY CONFLICT ANALYSIS IN XACML POLICY EVALUATION
    Kuang, Teo Poh
    Ibrahim, Hamidah
    Sidi, Fatimah
    Udzi, Nur Izura
    PROCEEDINGS OF THE 6TH INTERNATIONAL CONFERENCE ON COMPUTING AND INFORMATICS: EMBRACING ECO-FRIENDLY COMPUTING, 2017, : 708 - 713
  • [10] XACML Policy Evaluation with Dynamic Context Handling
    Ammar, Nariman
    Malik, Zaki
    Bertino, Elisa
    Rezgui, Abdelmounaam
    IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2015, 27 (09) : 2575 - 2588
12345