Link to the University of Pittsburgh Homepage
Link to the University Library System Homepage Link to the Contact Us Form

X-GTRBAC: An XML-based policy specification framework and architecture for enterprise-wide access control

Bhatti, R and Ghafoor, A and Bertino, E and Joshi, JBD (2005) X-GTRBAC: An XML-based policy specification framework and architecture for enterprise-wide access control. ACM Transactions on Information and System Security, 8 (2). 187 - 227. ISSN 1094-9224

[img] Plain Text (licence)
Available under License : See the attached license file.

Download (1kB)

Abstract

Modern day enterprises exhibit a growing trend toward adoption of enterprise computing services for efficient resource utilization, scalability, and flexibility. These environments are characterized by heterogeneous, distributed computing systems exchanging enormous volumes of time-critical data with varying levels of access control in a dynamic business environment. The enterprises are thus faced with significant challenges as they endeavor to achieve their primary goals, and simultaneously ensure enterprise-wide secure interoperation among the various collaborating entities. Key among these challenges are providing effective mechanism for enforcement of enterprise policy across distributed domains, ensuring secure content-based access to enterprise resources at all user levels, and allowing the specification of temporal and nontemporal context conditions to support fine-grained dynamic access control. In this paper, we investigate these challenges, and present X-GTRBAC, an XML-based GTRBAC policy specification language and its implementation for enforcing enterprise-wide access control. Our specification language is based on the GTRBAC model that incorporates the content- and context-aware dynamic access control requirements of an enterprise. An X-GTRBAC system has been implemented as a Java application. We discuss the salient features of the specification language, and present the software architecture of our system. A comprehensive example is included to discuss and motivate the applicability of the X-GTRBAC framework to a generic enterprise environment. An application level interface for implementing the policy in the X-GTRBAC system is also provided to consolidate the ideas presented in the paper. © 2005 ACM.


Share

Citation/Export:
Social Networking:
Share |

Details

Item Type: Article
Status: Published
Creators/Authors:
CreatorsEmailPitt UsernameORCID
Bhatti, R
Ghafoor, A
Bertino, E
Joshi, JBDjjoshi@pitt.eduJJOSHI
Date: 1 May 2005
Date Type: Publication
Journal or Publication Title: ACM Transactions on Information and System Security
Volume: 8
Number: 2
Page Range: 187 - 227
DOI or Unique Handle: 10.1145/1065545.1065547
Schools and Programs: School of Information Sciences > Information Science
Refereed: Yes
ISSN: 1094-9224
Article Type: Review
Date Deposited: 30 Oct 2012 20:37
Last Modified: 30 Oct 2017 22:55
URI: http://d-scholarship.pitt.edu/id/eprint/16142

Metrics

Monthly Views for the past 3 years

Plum Analytics

Altmetric.com


Actions (login required)

View Item View Item