Abstract
Role-based access control (RBAC) is a powerful means for laying out higher-level organizational policies such as separation of duty, and for simplifying the security management process. One of the important aspects of RBAC is authorization constraints that express such organizational policies. While RBAC has generated great interest in the security community, organizations still seek a flexible and effective approach to impose role-based authorization constraints in their security-critical applications. In this paper, we present a Web Services-based authorization framework that can be employed to enforce organization-wide authorization constraints. We describe a generic authorization engine, which supports organization-wide authorization constraints and acts as a central policy decision point within the authorization framework. This authorization engine is implemented by means of the USE system, a validation tool for UML models and OCL constraints.
Original language | English (US) |
---|---|
Title of host publication | Proceedings - Annual Computer Security Applications Conference, ACSAC |
Pages | 257-266 |
Number of pages | 10 |
DOIs | |
State | Published - 2008 |
Event | 24th Annual Computer Security Applications Conference, ACSAC 2008 - Anaheim, CA, United States; Duration: Dec 8 2008 → Dec 12 2008 |
Other
Other | 24th Annual Computer Security Applications Conference, ACSAC 2008 |
---|---|
Country/Territory | United States |
City | Anaheim, CA |
Period | 12/8/08 → 12/12/08 |
ASJC Scopus subject areas
- Computer Networks and Communications
- Software
- Safety, Risk, Reliability and Quality