Distributed Access Control Management – A XACML-Based Approach
Enterprises are increasingly pervasive with users and services belonging to different domains. Cross-enterprise business collaborations are soaring and so are business relationships with complex access control rules. Business rules no longer come from a single source. There is a need for multiple administrators to define rules that apply to their part of the collaboration. Traditional access control models are not sufficient. This demonstrator illustrates an authorization service developed by Swedish SME Axiomatics. It implements the eXtended Access Control Markup Language (XACML), a policy- and rule-based access control language which allows the expression of fine-grained access control rules in distributed environments.
KeywordsSOA security authorization access control XACML
- 1.The BEinGRID project, http://www.beingrid.eu
- 2.OASIS, XACML 3.0 (core specification and schemas) (May 18, 2008)Google Scholar
- 3.OASIS, XACML 3.0 administration and delegation profile, (October 10, 2007)Google Scholar
- 4.Gresty, C., et al.: Meeting customer needs. BT Technology Journal 26(1)Google Scholar