Towards a flexible framework to support a generalized extension of XACML for spatio-temporal RBAC model with reasoning ability

IF 2.5 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS International Journal of Web Information Systems Pub Date : 2013-06-24 DOI:10.1108/IJWIS-12-2013-0037
T. K. Dang, K. T. L. Thi, Anh Tuan Dang, H. Van
{"title":"Towards a flexible framework to support a generalized extension of XACML for spatio-temporal RBAC model with reasoning ability","authors":"T. K. Dang, K. T. L. Thi, Anh Tuan Dang, H. Van","doi":"10.1108/IJWIS-12-2013-0037","DOIUrl":null,"url":null,"abstract":"XACML is an international standard used for access control in distributed systems. However, XACML and its existing extensions are not sufficient to fulfil sophisticated security requirements (e.g. access control based on user’s roles, context-aware authorizations, and the ability of reasoning). Remarkably, X-STROWL, a generalized extension of XACML, is a comprehensive model that overcomes these shortcomings. Among a large amount of open sources implementing XACML, HERAS-AF is chosen as the most suitable framework to be extended to implement X-STROWL model. This paper mainly focuses on the architecture design of proposed framework and the comparison with other frameworks. In addition, a case study will be presented to clarify the work-flow of this framework. This is the crucial contribution of our research to provide a holistic, extensible and intelligent authorization decision engine.","PeriodicalId":44153,"journal":{"name":"International Journal of Web Information Systems","volume":null,"pages":null},"PeriodicalIF":2.5000,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Web Information Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/IJWIS-12-2013-0037","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 12

Abstract

XACML is an international standard used for access control in distributed systems. However, XACML and its existing extensions are not sufficient to fulfil sophisticated security requirements (e.g. access control based on user’s roles, context-aware authorizations, and the ability of reasoning). Remarkably, X-STROWL, a generalized extension of XACML, is a comprehensive model that overcomes these shortcomings. Among a large amount of open sources implementing XACML, HERAS-AF is chosen as the most suitable framework to be extended to implement X-STROWL model. This paper mainly focuses on the architecture design of proposed framework and the comparison with other frameworks. In addition, a case study will be presented to clarify the work-flow of this framework. This is the crucial contribution of our research to provide a holistic, extensible and intelligent authorization decision engine.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
向着支持XACML的广义扩展的具有推理能力的时空RBAC模型的灵活框架迈进
XACML是用于分布式系统访问控制的国际标准。然而,XACML及其现有扩展不足以满足复杂的安全需求(例如,基于用户角色的访问控制、上下文感知授权和推理能力)。值得注意的是,XACML的广义扩展X-STROWL是一个全面的模型,它克服了这些缺点。在大量实现XACML的开源框架中,选择HERAS-AF作为最适合扩展实现X-STROWL模型的框架。本文主要对所提出的框架进行了体系结构设计,并与其他框架进行了比较。此外,还将介绍一个案例研究,以阐明该框架的工作流程。这是我们的研究对提供一个整体的、可扩展的和智能的授权决策引擎的重要贡献。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
International Journal of Web Information Systems
International Journal of Web Information Systems COMPUTER SCIENCE, INFORMATION SYSTEMS-
CiteScore
4.60
自引率
0.00%
发文量
19
期刊介绍: The Global Information Infrastructure is a daily reality. In spite of the many applications in all domains of our societies: e-business, e-commerce, e-learning, e-science, and e-government, for instance, and in spite of the tremendous advances by engineers and scientists, the seamless development of Web information systems and services remains a major challenge. The journal examines how current shared vision for the future is one of semantically-rich information and service oriented architecture for global information systems. This vision is at the convergence of progress in technologies such as XML, Web services, RDF, OWL, of multimedia, multimodal, and multilingual information retrieval, and of distributed, mobile and ubiquitous computing. Topicality While the International Journal of Web Information Systems covers a broad range of topics, the journal welcomes papers that provide a perspective on all aspects of Web information systems: Web semantics and Web dynamics, Web mining and searching, Web databases and Web data integration, Web-based commerce and e-business, Web collaboration and distributed computing, Internet computing and networks, performance of Web applications, and Web multimedia services and Web-based education.
期刊最新文献
Web-aided data set expansion in deep learning: evaluating trainable activation functions in ResNet for improved image classification Click-through rate prediction model based on graph networks and feature squeeze-and-excitation mechanism Enhancing the viewing, browsing and searching of knowledge graphs with virtual properties GethReplayer: a smart contract testing method based on transaction replay Large language models for automated Q&A involving legal documents: a survey on algorithms, frameworks and applications
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1