XACML-chandra - XACML and Role Based The following...

Info iconThis preview shows pages 1–8. Sign up to view the full content.

View Full Document Right Arrow Icon
XACML and Role Based Access Control The following presentation slides contain content from Jason Crampton and Royal Holloway
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
XACML The eXtensible Access Control Markup Language is used to specify and enforce authorization policy. The XACML standard provides Policy Language Request and Response Language Standard data-types, functions, combining algorithms
Background image of page 2
General terms Resource Data, system component or service Subject An actor who makes a request to access certain Resources. Action An operation on resource Environment The set of attributes that are relevant to an authorization decision and are independent of a particular subject, resource or action Attributes Characteristics of a subject, resource, action or environment Target
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Access control Rules Who can access what , under what conditions , and for what purpose.
Background image of page 4
The Access Control Policies are defined with a collection of Rules. Both Rules and Requests use Subjects, Resources and Actions. A Subject element is the entity requesting access. A Subject has one or more Attributes. The Resource element is a data, service or system component. A Resource has a single Attribute. An Action element defines the type of access requested on the Resource. Actions have one or more Attributes. An Environment element can optionally provide additional information.
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Background image of page 6
Policy Administration Point (PAP) It creates security policies and stores these policies in
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 8
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 25

XACML-chandra - XACML and Role Based The following...

This preview shows document pages 1 - 8. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online