论文信息 - Protocol for Certificate Based Access Control Policies Description Language

Protocol for Certificate Based Access Control Policies Description Language

Access control in wide distributed networks has to be separated into domains in order to make it easily scalable and manageable. The management system also has to be automated to reduce complexity. Role based access control allows to achieve this goal, however adding public key infrastructure to RBAC approach would expand system capabilities in many ways. One of them is ability to specify certificate—based policies, which allow to access system resources by users form un-trusted sources. Adding digital signature to policies increases system security. This paper describes communication protocol in certificate based access control system, based on XACML standard described in [1].

Jerzy Pejas | Pawel Sukiennik

[1] David W. Chadwick,et al. RBAC Policies in XML for X.509 Based Privilege Management , 2002, SEC.

[2] Jerzy Soldek,et al. Artificial intelligence and security in computing systems , 2003 .

[3] Ramaswamy Chandramouli. Specification and Validation of Enterprise Access Control Data for Conformance to Model and Policy Constraints , 2003 .

[4] Ramaswamy Chandramouli. Application of XML tools for enterprise-wide RBAC implementation tasks , 2000, RBAC '00.

[5] Jerzy Pejaś. Certificate-based access control policies description language , 2003 .