Recognition of Authority in Virtual Organisations

Nguyen, Tuan-Anh; Chadwick, David; Nasser, Bassem

doi:10.1007/978-3-540-74409-2_3

Cited by 3 publications

(1 citation statement)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We also plan to support the delegation of role-permission assignments according to the design presented in [26] and incorporate additional policy elements in the delegation trees, such as attribute mappings of the kind described in [17].…”

Section: Discussionmentioning

confidence: 99%

Adding support to XACML for multi-domain user to user dynamic delegation of authority

Chadwick

Otenko

Nguyễn

2009

Int. J. Inf. Secur.

View full text Add to dashboard Cite

Tuan Anh Nguyen has a Master of Electronics andTelecommunications degree from the Hanoi University of Technology, Vietnam. He is studying for a PhD in dynamic delegation of authority at the University of Kent, under the supervision of Professor Chadwick.Abstract. We describe adding support for dynamic delegation of authority between users in multiple administrative domains, to the XACML model for authorisation decision making. Delegation of authority is enacted via the issuing of credentials from one user to another, and follows the role based access control model. We present the problems and requirements that such a delegation model demands, the policy elements that are necessary to control the delegation chains and a description of the architected solution. We propose a new conceptual entity called the Credential Validation Service (CVS) to work alongside the XACML PDP. We describe our implementation of the CVS and present performance measurements for validating delegated chains of credentials.

show abstract

Section: Discussionmentioning

confidence: 99%

Adding support to XACML for multi-domain user to user dynamic delegation of authority

Chadwick

Otenko

Nguyễn

2009

Int. J. Inf. Secur.

View full text Add to dashboard Cite

show abstract

Authentication in Wireless Mesh Networks

Boudguiga¹,

Laurent²

2014

Security for Multihop Wireless Networks

View full text Add to dashboard Cite

An Authorisation Policy Management Model in Federations

Cham¹,

Anh²

2018

JCSCE

View full text Add to dashboard Cite

A federation is usually an alliance of organisations where users from one organisation are trusted to access resources in another organisation. The membership of federations is diverse and continually changing. Federations require distributed and dynamic security policy management to meet these challenges. We propose an authorisation policy management model, FABACD, which simplifies the management of collaborations between organisations. It allows distributed and trusted administrators to adjust the authorisation policies in a resource holding organisation, whilst ensuring that the latter remains in ultimate control. The net result is that a resource’s authorisation system is able to use user credentials built from preexisting attributes issued by any participating organisation, in order to determine a user’s access rights to the various resources, without requiring credentials to be issued that are based on federation specific attributes. The model significantly simplifies the authorisation management process for the resource holding organisation.

show abstract

Recognition of Authority in Virtual Organisations

Cited by 3 publications

References 15 publications

Adding support to XACML for multi-domain user to user dynamic delegation of authority

Adding support to XACML for multi-domain user to user dynamic delegation of authority

Authentication in Wireless Mesh Networks

An Authorisation Policy Management Model in Federations

Contact Info

Product

Resources

About