Representation and Evaluation of Security Policies for Distributed System Services
نویسندگان
چکیده
We present a new model for authorization that integrates both local and distributed access control policies and that is extensible across applications and administrative domains. We introduce a general mechanism that is capable of implementing several security policies including role-based access control, Clark-Wilson, ACLs, capabilities, and lattice-based access controls. The Generic Authorization and Access-control API (GAA API) provides a generic framework by which applications facilitate access control decisions and request authorization information about a particular resource. We have integrated our system with the Prospero Resource Manager and Globus Security Infrastructure.
منابع مشابه
The Specification and Enforcement of Advanced Security Policies
In a distributed multi-user environment, the security policy must not only specify legitimate user privileges but also aid in the detection of the abuse of the privileges and adapt to perceived system threat conditions. This paper advocates extending authorization policy evaluation mechanisms with a means for generating audit data allowing immediate notification of suspicious application level ...
متن کاملBasic Health Insurance Stewardship in Line with the Upstream Laws and Policies: Conflicts and Contradictions!!!
One of the serious challenges regarding interactions between Iran’s social security system and health system is basic health insurance stewardship. It has existed for a long time and has been given a special place concerning the related laws and policies in recent years. In this regard, it seems that approving of rules conflicting with upstream laws and policies has increased existing conflicts...
متن کاملA model for specification, composition and verification of access control policies and its application to web services
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...
متن کاملInvestigating Pareto Front Extreme Policies Using Semi-distributed Simulation Model for Great Karun River Basin
This study aims to investigate the different management policies of multi-reservoir systems and their impact on the demand supply and hydropower generation in Great Karun River basin. For this purpose, the semi-distributed simulation-optimization model of the Great Karun River basin is developed. Also, the multi-objective particle swarm optimization algorithm is applied to optimize the develop...
متن کاملAn automatic test case generator for evaluating implementation of access control policies
One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2000