Abstract | ||
---|---|---|
Whether access is given to a protected entity is decided upon evaluation of access control constraints. Though some initial approaches to classify access control constraints can be identified in the current literature, they must be considered as too broad with respect to today's multi-layered system landscapes. In this paper we present a classification model for authorization constraint types extracted from recent publications. We identify common restriction characteristics and classify the constraint types depending on their information sources necessary for constraint evaluation. We identified the following authorization classes: Authentication, Ontology, Environment, and Activity. We further propose a system architecture supporting these classes. We map our model architecture onto the Windows 2003 Authorization Manager, identify the components equal to our proposed architecture and emphasize which authorization classes are supported. We therefore show the applicability of our model to analyze existing authorization systems and determine the supported constraints. |
Year | DOI | Venue |
---|---|---|
2007 | 10.1109/PCCC.2007.358921 | 2007 IEEE International Performance Computing and Communications Conference, Vols 1 and 2 |
Keywords | Field | DocType |
authentication,ontology,ontologies,authorization,middleware,access control,system architecture,authorisation,classification,data mining | Ontology (information science),Middleware,Data mining,Permission,Ontology,Architecture,Authentication,Computer science,Access control,Systems architecture | Conference |
ISSN | Citations | PageRank |
1097-2641 | 5 | 0.51 |
References | Authors | |
13 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Mathias Kohler | 1 | 46 | 4.32 |
Christian Liesegang | 2 | 5 | 0.51 |
Andreas Schaad | 3 | 50 | 5.10 |