Chen, Liang, Gasparini, Luca and Norman, Timothy J. (2013) XACML and risk-aware access control. In: 10th International Workshop on Security in Information Systems, 05 Jul 2013, Angers, France.

Full text not available from this repository.

Abstract

Risk-aware access control (RAAC) has shown promise as an approach to addressing the increasing need to share information securely in dynamic environments. For such models to realise their promise, however, principled, standard-based software engineering methods are essential. XACML is an XML-based OASIS standard for the specification and evaluation of access control policies. In this paper we explore the use of XACML as a means of implementing RAAC. We abstract core components of RAAC relevant to risk management, and show how these may be implemented using standard XACML features.

Item Type:	Conference or Workshop Item (Paper)
ISBN:	9789898565648
Identifier:	10.5220/0004609200660075
Page Range:	pp. 66-75
Identifier:	10.5220/0004609200660075
Keywords:	XACML, risk-aware access control, risk mitigation, RBAC
Subjects:	Computing
Depositing User:	Liang Chen
Date Deposited:	22 Mar 2016 18:19
Last Modified:	28 Aug 2021 07:19
URI:	https://repository.uwl.ac.uk/id/eprint/1838

Actions (login required)

View Item