A Comparative Study of Specification Models for Autonomic Access Control of Digital Rights

  • K. Bhoopalam
  • K. Maly
  • R. Mukkamala
  • M. Zubair
  • D. Agrawal
  • D. Kaminsky
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3919)


One of the goals of Digital Rights Management Systems is the provision of a flexible access rights management system to specify and enforce digital rights. Policy-based access control is an important feature of flexible access management systems as it facilitates changes in access control with minimum or no changes to the system it protects. Two prominent policy based access specification models (and languages) are the Policy Core Information Model (PCIM) and the eXtensible Access Control Markup Language (XACML). In this paper we analyze and compare the two specification models for their suitability in building access rights for Digital Rights Management Systems.


Access Control Boolean Expression Digital Right Management Access Request Policy Decision Point 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Anderson: Key differences between XACML and EPAL. In: Workshop on New Challenges for Access Control, Ottawa, April 27 (2005)Google Scholar
  2. 2.
    Bhoopalam, K., Maly, K., Mukkamala, R., Zubair, M.: Access Management in Federated Digital Libraries. In: Proceedings of IADIS, Madrid, October 6-9 (2004)Google Scholar
  3. 3.
    Cantor, S. (ed.): Shibboleth Architecture – Protocols and Profiles, Working Draft 05 (November 23, 2004),
  4. 4.
    Common Information Model, Version 2.8 (January 25, 2004),
  5. 5.
    Distributed Management Task Force,
  6. 6.
    eXtensible Markup Language Working Group,
  7. 7.
    Godik, S., Moses, T. (eds.): OASIS eXtensible Access Control Management Language (XACML). Committee Specification 1.0 (April 21, 2002),
  8. 8.
    Hada, S., Kudo, M.: XML Access Control Language: Provisional Authorization for XML Documents. (Tokyo Research Laboratory, IBM Research) (October 16, 2000)Google Scholar
  9. 9.
    Maly, K., Anan, H., Tang, J., Nelson, M., Zubair, M., Yang, Z.: Challenges in Building Federation Services over Harvested Metadata. In: Sembok, T.M.T., Zaman, H.B., Chen, H., Urs, S.R., Myaeng, S.-H. (eds.) ICADL 2003. LNCS, vol. 2911, pp. 602–614. Springer, Heidelberg (2003)Google Scholar
  10. 10.
    Martin, M., Agnew, G., Kuhlman, D.L., McNair, J.H., Rhodes, W.A., Tipton, R.: Federated Digital Rights Management: A Proposed DRM Solution for Research and Education. D-Lib Magazine 8(7/8) (July/August 2002) ISSN 1082-9873Google Scholar
  11. 11.
    Organization for Advancement of Structured Information Systems,
  12. 12.
    OWL Web Ontology Language: Overview (Febuary 10, 2004),
  13. 13.
    Understand the autonomic manager concept (March 2005),
  14. 14.
    Vinoski, S.: Web Services Interaction Models - Part 1: Current Practice. In: IEEE Internet Computing, May – June 2002, pp. 89–91 (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • K. Bhoopalam
    • 1
  • K. Maly
    • 1
  • R. Mukkamala
    • 1
  • M. Zubair
    • 1
  • D. Agrawal
    • 2
  • D. Kaminsky
    • 3
  1. 1.Old Dominion UniversityUSA
  2. 2.IBM, T. J. Watson Research CenterUSA
  3. 3.IBM, Research Triangle ParkUSA

Personalised recommendations