Authorization policy representation and management
Links
XACML policy integration algorithms: not to be confused with XACML policy combination algorithms!http://portal.acm.org/citation.cfm?id=1133058.1133089 Presented at ACM Symposium on Access Control Models and Technologies 2006, Lake Tahoe, California, USA, June 07 - 09, 2006. "XACML is the OASIS standard language for the specification of authorization and entitlement policies. However, while XACML well addresses security requirements of a single enterprise (even if large and composed by multiple departments), it does not address the requirements of virtual enterprises built through collaboration of several autonomous subjects sharing their resources. In this paper we highlight such limitations and we propose an XACML extension, the policy integration algorithm, to address them. In the paper we also discuss in which respect the process of comparing two XACML policies differs from the process used to compare other business rules."- Digital Identity - Authentication and authorization - Authorization policy representation and management - |
1 vote
|
OASIS eXtensible Access Control Markup Language TChttp://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml The purpose of this OASIS eXtensible Access Control Markup Language TC is to define a core schema and corresponding namespace for the expression of authorization policies in XML against objects that are themselves identified in XML.- Authorization policy representation and management - |
1 vote
|
Sun's XACML Implementationhttp://sunxacml.sourceforge.net/ Sun's XACML Reference Implementation is an open source implementation of the OASIS XACML standard, written in Java.- Authorization policy representation and management - |
1 vote
|
