XACML policy integration algorithms

被引：41

作者：

Mazzoleni, Pietro ^{[1
]}

Crispo, Bruno ^{[2
,3
]}

Sivasubramanian, Swaminathan ^{[2
]}

Bertino, Elisa ^{[4
]}

机构：

[1] Univ Milan, CS Dept, I-20122 Milan, Italy

[2] Vrije Univ Amsterdam, Amsterdam, Netherlands

[3] Univ Trent, Trento, Italy

[4] Purdue Univ, W Lafayette, IN 47907 USA

来源：

ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY | 2008年 / 11卷 / 01期

关键词：

security; algorithm; XACML; security policies integration; distributed systems; web services; content distributed networks; SOA;

D O I：

10.1145/1330295.1330299

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

XACML is the OASIS standard language specifically aimed at the specification of authorization policies. While XACML fits well with the security requirements of a single enterprise (even if large and composed by multiple departments), it does not address the requirements of virtual enterprises in which several autonomous subjects collaborate by sharing their resources to provide better services to customers. In this article we highlight such limitation, and we propose an XACML extension, the policy integration algorithms, to address them. In the article we also present the implementation of a system that makes use of the policy integration algorithms to securely replicate information in a P2P-like environment. In our solution, the data replication process considers the policies specified by both the owners of the data shared and the peers sharing data storage.

引用

页数：29

共 22 条

[1] Anderson A., 2005, COMP 2 PRIVACY POLIC
[2] ANDERSON A, 2005, WS POLICYCONSTRAINTS
[3] ANDERSON A, 2004, IEEE POL 2004 WORKSH
[4] BACKES M, 2004, P ACM S APPL COMP
[5] BAKER M, 2005, HPL2005120
[6] BARTH A, 2004, WORKSH PRIV EL SOC
[7] FISLER K, 2005, INT C SOFT ENG ICSE
[8] *HP, 2005, VIRT INFR SOL MYS BU
[9] HUANG D, 2005, 4 SEM WEB POL WORKSH
[10] *IBM, 2004, AUTOMATE INTEGRATE I

← 1 2 3 →