Istituto di Informatica e Telematica     
Colombo M., Lazouski A., Martinelli F., Mori P. A proposal on enhancing XACML with continuous usage control features. 1st ed. Desprez, F., Getov, ., Priol, T., Yahyapour, R (eds.). (CoreGRID series, vol. 12). Delft, Netherlands: Springer, 2010.
Usage control (UCON) proposed by R. Sandhu et al. [8, 9] is an attribute- based authorization model and its main novelties are mutability of attributes and continuity of control. OASIS eXtensible Access Control Markup Language (XACML) [10] is a widely-used language to write authorization policies to protect resources in a dis- tributed computing environment (e.g. Grid). The XACML policy specifies before- usage authorization process optionally complemented with obligation actions ful- fillment. By now, XACML has insufficient facilities to express continuous usage control afterwards an access was granted and started. In this paper, we introduce U-XACML, a new policy language, which enhances the original XACML with the UCON novelties. We extend a syntax and semantics of the XACML policy to define mutability of attributes and continuity of control. We introduce an architecture to enforce the U-XACML policy
URL: http://www.springer.com/computer/communication+networks/book/978-1-4419-6793-0
Subject Distributed Data Mining

Icona documento 1) Download Document PDF

Icona documento Open access Icona documento Restricted Icona documento Private


Per ulteriori informazioni, contattare: Librarian http://puma.isti.cnr.it

Valid HTML 4.0 Transitional