XACML and risk-aware access control

Chen, Liang, Gasparini, Luca and Norman, Timothy J. (2013) XACML and risk-aware access control. In: Proceedings of the 10th International Workshop on Security in Information Systems, July 5, 2013, Angers, France.

Full text not available from this repository.

Abstract

Risk-aware access control (RAAC) has shown promise as an approach to addressing the increasing need to share information securely in dynamic environments. For such models to realise their promise, however, principled, standard-based software engineering methods are essential. XACML is an XML-based OASIS standard for the specification and evaluation of access control policies. In this paper we explore the use of XACML as a means of implementing RAAC. We abstract core components of RAAC relevant to risk management, and show how these may be implemented using standard XACML features.

Item Type: Conference or Workshop Item (Paper)
Subjects: Computer science, knowledge and information systems
Depositing User: Liang Chen
Date Deposited: 22 Mar 2016 18:19
Last Modified: 23 Mar 2016 09:46
URI: http://repository.uwl.ac.uk/id/eprint/1838

Actions (login required)

View Item View Item

Menu