Add to collection(s) Add to saved
  1. Business

XACML and the Cloud

advertisement 
XACML and the Cloud
What is XACML?








XML language for access control
Coarse or fine-grained
Extremely powerful evaluation logic
Ability to use any available information
Superset of Permissions, ACLs, RBAC, etc
Scales from PDA to Internet
Federated policy administration
OASIS and ITU-T Standard
XACML Cloud Features

Powerful language features


Federated Administration



Combining algorithms resolve conflicts
Administrative Policies


Capture complex business relationships
Policies managed by providers, customers, end
users
Global identifiers prevent name conflicts
Domain-specific Profiles

Healthcare, Intellectual property, Privacy
XACML Enables Efficient
Cloud Implementations


Stateless Server
Choice of imbedded or server-based PDP


Max performance or Access Control Service
Specification permits optimizations



Order of evaluation
Caching of Attributes
Caching of decisions or partial evaluations
Related documents
Dynasis Secure Group Information Sharing System
Dynasis Secure Group Information Sharing System
XACML
XACML
On XACML, role-based access control and health grids David Power Abstract
On XACML, role-based access control and health grids David Power Abstract
Using XACML Policies to Express OAuth Scope
Using XACML Policies to Express OAuth Scope
Document
Document
EXAM - a Comprehensive Environment for the Analysis of Access
EXAM - a Comprehensive Environment for the Analysis of Access
A conflict detection approach for XACML policies on hierarchical resources Xiaofeng Xia
A conflict detection approach for XACML policies on hierarchical resources Xiaofeng Xia
More on the project
More on the project
Document
Document
XACML_dilemmas
XACML_dilemmas
Van as-a-Service naar at-your-Service
Van as-a-Service naar at-your-Service
Chapter 11: Ascending and Descending Air
Chapter 11: Ascending and Descending Air
authz-patterns
authz-patterns
CS 290C: Formal Models for Web Software Lectures 12: Control Policies
CS 290C: Formal Models for Web Software Lectures 12: Control Policies
SNLI Maximizing Data Presentation - National Association of Child
SNLI Maximizing Data Presentation - National Association of Child
Multi-Request_Response_Correlation_in_AzAPI
Multi-Request_Response_Correlation_in_AzAPI
ISA 662 Information System Security
ISA 662 Information System Security
Security Policy Management
Security Policy Management
CDN: Content Distribution Network
CDN: Content Distribution Network
Enforcing RFID data visibility restrictions using XACML security policies Please share
Enforcing RFID data visibility restrictions using XACML security policies Please share
Performance assessment of XACML authorizations for Supply Chain Traceability Web Services
Performance assessment of XACML authorizations for Supply Chain Traceability Web Services
SOFTWARE ENGINE FOR XACML IMPLEMENTATION ON ROLE BASED ACCESS CONTROL
SOFTWARE ENGINE FOR XACML IMPLEMENTATION ON ROLE BASED ACCESS CONTROL
Download
advertisement