Open AccessA Holistic Approach to Security Policies – Policy Distribution with XACML over COPS
Author(s) -
Jan Peters,
Roland Rieke,
Taufiq Rochaeli,
Björn Steinemann,
Ruben Wolf
Publication year - 2007
Publication title -
electronic notes in theoretical computer science
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.242
H-Index - 60
ISSN - 1571-0661
DOI - 10.1016/j.entcs.2006.08.025
Subject(s) - xacml , computer science , computer security , security policy , access control , security service , computer security model , enforcement , cloud computing security , security convergence , the internet , network security policy , information security , world wide web , cloud computing , political science , law , operating system
The potentials of modern information technology can only be exploited, if the underlying infrastructure and the applied applications sufficiently take into account all aspects of IT security. This paper presents the platform architecture of the SicAri project, which aims to build a security platform for ubiquitous Internet usage, and gives an overview of the implicitly and explicitly used security mechanisms to enable access control for service oriented applications in distributed environments. The paper will introduce the security policy integration concept with a special focus on distribution of security policies within the service infrastructure for transparent policy enforcement. We describe in details our extensions of the COPS protocol to transport XACML payload for security policy distribution and policy decision requests/responses
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom