An application of directory service markup language (DSML) for role-based access control (RBAC)

被引:4
作者
Shin, DW [1 ]
Ahn, GJ [1 ]
Park, JS [1 ]
机构
[1] Univ N Carolina, Dept Software & Informat Syst, LIISP, Charlotte, NC 28223 USA
来源
26TH ANNUAL INTERNATIONAL COMPUTER SOFTWARE AND APPLICATIONS CONFERENCE, PROCEEDINGS | 2002年
关键词
access control; role-based; directory service; directory service mark-up language (DSML);
D O I
10.1109/CMPSAC.2002.1045125
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Directory service markup language (DSML) prescribes how to manipulate directory, services information in XML, and thus it facilitates sharing of directory information as XML fragments among XML-based applications. In this paper, we describe how to leverage DSML for role-based access control on XML-based web applications which often need collaboration within or beyond a single enterprise boundary,. Compared with previous works in this area, we show that our approach can solve the problems of a previous LDAP-oriented solution. We discuss the security, architecture based upon server-pull model and its components. We also demonstrate the feasibility of our approach through a proof-of-concept implementation. Finally, several issues from our experience are discussed as well.
引用
收藏
页码:934 / 939
页数:4
相关论文
共 15 条
  • [1] Ahn G., 2000, ACM T INF SYST SEC, V3
  • [2] AHN GJ, 2000, P 5 ACM WORKSH ROL B
  • [3] ALLEN D, 2000, EMERGING TECHNOLOGY
  • [4] COYNE EJ, 1995, P 1 ACM WORKSH ROL B
  • [5] FARRELL S, 2001, INT ATTRIBUTE CERTIF
  • [6] FERRAIOLO DF, 1995, ANN COMP SEC APPL C
  • [7] *ITU T, 2000, 959482001 ISOIEC
  • [8] *OASIS, 2001, SAML V 1 0 SPEC
  • [9] *OASIS, 2001, DSML V2 SPEC
  • [10] PARK J, 2001, ACM T INFORMATION SY, V4
12