Web server authorisation with the policyupdater access control system

نویسندگان

  • Vino Fernando Crescini
  • Yan Zhang
  • Weiyuan Wang
چکیده

The PolicyUpdater1 system is a generic access control system that provides policy evaluations and dynamic policy updates. These functions are achieved by the use of a logic-based language to represent access control policies. In this paper, we discuss the underlying details of the PolicyUpdater system as well as the issues arising from its application to a web server access control system. Integrating the PolicyUpdater system with a web server provides a more flexible and expressive means of representing authorisation policies.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Development of a Flexible PERMIS Authorisation Module for Shibboleth and Apache Server

This paper describes the development of a flexible Role Based Access Control (RBAC) authorisation module – the Shibboleth and Apache Authorisation Module (SAAM) which is based on the PERMIS privilege management infrastructure. It explains how the module can work with the Apache web server, with or without Shibboleth. We argue that this can effectively improve the level of trust and flexibility ...

متن کامل

تشخیص ناهنجاری روی وب از طریق ایجاد پروفایل کاربرد دسترسی

Due to increasing in cyber-attacks, the need for web servers attack detection technique has drawn attentions today. Unfortunately, many available security solutions are inefficient in identifying web-based attacks. The main aim of this study is to detect abnormal web navigations based on web usage profiles. In this paper, comparing scrolling behavior of a normal user with an attacker, and simu...

متن کامل

Investigation on Reliability Estimation of Loosely Coupled Software as a Service Execution Using Clustered and Non-Clustered Web Server

Evaluating the reliability of loosely coupled Software as a Service through the paradigm of a cluster-based and non-cluster-based web server is considered to be an important attribute for the service delivery and execution. We proposed a novel method for measuring the reliability of Software as a Service execution through load testing. The fault count of the model against the stresses of users ...

متن کامل

Authorisation Policy Federation in Heterogeneous Multi-Cloud Environments

Current Infrastructure as a Service (IaaS) cloud platforms have their own authorisation system, containing different access control policies and models. Clients with accounts in multiple cloud providers struggle to manage their rules in order to provide a homogeneous access control experience to users. This work proposes a solution: an Authorisation Policy Federation (APF) of heterogeneous clou...

متن کامل

Security evaluation of the OAuth 2.0 framework

The interoperability of cloud data between web applications and mobile devices has vastly improved over recent years. The popularity of social media, smartphones and cloud based web services have contributed to the level of integration that can be achieved between applications. This paper investigates the potential security issues of OAuth, an authorisation framework for granting third party ap...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2004