research

Context dependent revocation in delegated XACML

Authors
Publication date
1 January 2008
Publisher
Swedish Institute of Computer Science

Abstract

The XACML standard defines an XML based language for defining access control policies and a related processing model. Recent work aims to add delegation to XACML in order to express the right to administrate XACML policies within XACML itself. The delegation profile draft explains how to validate the right to issue a policy, but there are no provisions for removing a policy. This paper proposes a revocation model for delegated XACML. A novel feature of this model is that whether a revocation is valid or not, depends not only on who issued the revocation, but also on the context in which an attempt to use the revoked policy is done

    Similar works

    Full text

    thumbnail-image

    Available Versions

    RISE – Research Institutes of Sweden

    redirect
    oaioai:DiVA.org:ri-22938
    Last time updated on 16/11/2021

    Digitala Vetenskapliga Arkivet - Academic Archive On-line

    redirect
    oaioai:DiVA.org:ri-22938
    Last time updated on 26/04/2017

    Swedish Institute of Computer Science Publications Database

    redirect
    oaioai:generic.eprints.org:3521/c...
    Last time updated on 10/07/2013

    Software institutes' Online Digital Archive

    redirect
    oaioai:generic.eprints.org:3521/c...
    Last time updated on 17/04/2020