X- RBAC : An Access Control Language for Multi-domain Environments

Get BibTex-formatted data

Download

PDF

Author

James Joshi, Rafae Bhatti, Elisa Bertino, Arif Ghafoor

Tech report number

CERIAS TR 2004-46

Entry type

techreport

Abstract

A multi-domain application environment consists of distributed multiple organizations, each employing its own security policy, allowing highly intensive inter-domain accesses. Ensuring security in such an environment poses several challenges. XML technologies are being perceived as the most promising approach for developing pragmatic security solutions for such environments because of the integration and interoperation framework they provide. In this paper, we highlight these challenges and propose an XML-based access control specification language called X-RBAC that addresses policy specification needs of a multi-domain environment. Our specification language is based on an extension of the widely accepted NIST RBAC model. X-RBAC allows specification of RBAC policies and facilitates specification of timing constraints on roles as well as context and content-based access requirements. Furthermore, it provides a framework for specifying mediation policies in a multi-domain environment where RBAC policies have been employed.

Download

PDF

Key alpha

access control

School

Purdue University

Affiliation

University of Pittsburgh and Purdue University

Publication Date

1900-01-01

Keywords

XML, RBAC, Access Control Policy, Multi-domain

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Techreport{ access control,
	title = "X- RBAC : An Access Control Language for Multi-domain Environments",
	author = "James Joshi, Rafae Bhatti, Elisa Bertino, Arif Ghafoor",
	school = "Purdue University",
	abstract = "A multi-domain application environment consists of distributed multiple organizations, each employing its own security policy, allowing highly intensive inter-domain accesses. Ensuring security in such an environment poses several challenges. XML technologies are being perceived as the most promising approach for developing pragmatic security solutions for such environments because of the integration and interoperation framework they provide. In this paper, we highlight these challenges and propose an XML-based access control specification language called X-RBAC that addresses policy specification needs of a multi-domain environment. Our specification language is based on an extension of the widely accepted NIST RBAC model. X-RBAC allows specification of RBAC policies and facilitates specification of timing constraints on roles as well as context and content-based access requirements. Furthermore, it provides a framework for specifying mediation policies in a multi-domain environment where RBAC policies have been employed.",
	affiliation = "University of Pittsburgh and Purdue University",
	keywords = "XML, RBAC, Access Control Policy, Multi-domain",
}