An application of directory service markup language (DSML) for role-based access control (RBAC)

Author

Shin, Dongwan ; Ahn, Gail-Joon ; Park, Joon S.

Author_Institution

Dept. of Software & Inf. Syst., North Carolina Univ., Charlotte, NC, USA

fYear

2002

fDate

2002

Firstpage

934

Lastpage

939

Abstract

The directory service markup language (DSML) prescribes how to manipulate directory services information in XML, and thus it facilitates sharing of directory information as XML fragments among XML-based applications. We describe how to leverage DSML for role-based access control on XML-based Web applications which often need collaboration within or beyond a single enterprise boundary. Compared with previous works in this area, we show that our approach can solve the problems of a previous LDAP-oriented solution. We discuss the security architecture based upon a server-pull model and its components. We also demonstrate the feasibility of our approach through a proof-of-concept implementation. Finally, several issues from our experience are discussed as well.

Keywords

Internet; authorisation; hypermedia markup languages; LDAP-oriented solution; XML-based Web applications; directory service markup language; information sharing; proof-of-concept implementation; role-based access control; security architecture; server-pull model; Access control; Application software; Conference management; Data security; Information retrieval; Information security; Markup languages; Permission; Web server; XML;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Software and Applications Conference, 2002. COMPSAC 2002. Proceedings. 26th Annual International

ISSN

0730-3157

Print_ISBN

0-7695-1727-7

Type

conf

DOI

10.1109/CMPSAC.2002.1045125

Filename

1045125