论文信息 - Evaluating distributed xacml policies

Evaluating distributed xacml policies

We extend the XACML reference implementation so that a policyset consisting of remote references to other policies can be evaluated distributively. Our extension also covers requests to resources that need to be used exclusively. We do so by implementing a nested transaction model for the evaluation of distributed XACML policies. Experiments show reasonable performance of our access controller.

Anil Nerode | Duminda Wijesekera | Saket Kaushik | Vijayant Dhankhar

[1] Rebekah Lepro,et al. Cardea: Dynamic Access Control in Distributed Systems , 2004 .

[2] Seng-Phil Hong,et al. Access control in collaborative systems , 2005, CSUR.

[3] Stanley B. Zdonik,et al. Cooperative Transaction Hierarchies: A Transaction Model to Support Design Applications , 1990, VLDB.

[4] Duminda Wijesekera,et al. XACML Policies for Exclusive Resource Usage , 2007, DBSec.

[5] E. B. Moss,et al. Nested Transactions: An Approach to Reliable Distributed Computing , 1985 .

[6] Jim Gray,et al. Notes on Data Base Operating Systems , 1978, Advanced Course: Operating Systems.

[7] Prasun Dewan,et al. Access control for collaborative environments , 1992, CSCW '92.