An XML framework for multi-level access control in the enterprise domain

Ioannis Priggouris, Stathes Hadjiefthymiades, Lazaros Merakos

Abstract

Modeling security information has always been a fundamental part of every security system. A robust and flexible model is needed in order to guarantee both the easy management of security information and the efficient implementation of security mechanisms. In this paper, we present an XML-based framework, which can be used for controlling access to computer systems. The framework is mainly targeted to enterprise systems and aims to provide a fine-grained access control infrastructure for securing access to hosted services. The proposed framework supports both role-based and user-based access control on different levels. Although, the discussion focuses mainly on the data model, access control schemes and guidelines for implementing fitting security architectures are also provided.

References

  1. D. Ferraiolo, D. R. Kuhn: “Role based access control”.,In Proceedings of the 15th Annual Conference on National Computer Security. National Institute of Standards and Technology, Gaithersburg, MD, 554-563,1992.
  2. L. Guiri, “A new model for role-based access control”, In Proceedings of the 11th Annual Conference on Computer Security Applications (New Orleans, LA, Dec. 1995).
  3. L. Guiri, P. Iglio, “A formal model for role-based access control with constraints”, In proceedings of 9th IEEE Workshop on Computer Security Foundations, Ireland, 1996.
  4. S. Osborn, R. S. Sahdhu, Q. Mutanawer, “Configuring role-based access control to enforce mandatory and discretionary access control policies”. ACM Trans. On Information System Security 3, 2 (May 2000).
  5. I. Mohammed, D. M. Dilts, “Design for dynamic user-role-based security”, Computer Security 13, 8, 661-671, 1994.
  6. J. Park, R. Sandhu, G. Ahn, “Role-Based Access Control on the Web”, ACM Transactions on Information and Systems Security (TISSEC), Volume 4, Number 1, February 2001.
  7. M. Birbeck et al, “Professional XML”, Wrox Press Inc, 1st edition, 2000.
  8. J. Duckett et al, “Professional XML schemas”, Wrox Press Inc, 1st edition, 2001
  9. Cattell R. et al, “Java 2 Platform, Enterprise Edition: Platform and Component Specifications”, Addison-Wesley Pub Co, 2000.
  10. Roman Ed et al., “Mastering Enterprise JavaBeans” 2nd Edition, Wiley Computer Publishing, 2002.
  11. Enterprise Java Beans Specification version 2.1,Final Release, Sun Microsystems, 12 November 2003.
  12. W. Yao, K. Moody, J. Bacon, “A model of OASIS Role-Based Access Control and its Support for Active Security”, proceeding of SACMAT 2001, Chantilly, Virginia, USA, May 3-4, 2001.
Download


Paper Citation


in Harvard Style

Priggouris I., Hadjiefthymiades S. and Merakos L. (2004). An XML framework for multi-level access control in the enterprise domain . In Proceedings of the 2nd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2004) ISBN 972-8865-07-4, pages 227-236. DOI: 10.5220/0002675302270236


in Bibtex Style

@conference{wosis04,
author={Ioannis Priggouris and Stathes Hadjiefthymiades and Lazaros Merakos},
title={An XML framework for multi-level access control in the enterprise domain},
booktitle={Proceedings of the 2nd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2004)},
year={2004},
pages={227-236},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002675302270236},
isbn={972-8865-07-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2004)
TI - An XML framework for multi-level access control in the enterprise domain
SN - 972-8865-07-4
AU - Priggouris I.
AU - Hadjiefthymiades S.
AU - Merakos L.
PY - 2004
SP - 227
EP - 236
DO - 10.5220/0002675302270236