Introducing WI Proposal about Authorization Architecture and Policy Group Name: WG4 Source: Wei Zhou, Datang, Meeting Date: Agenda Item:


General Information about The WI Proposal
Work Item Title: Study of Authorization Architecture for Supporting Heterogeneous Access Control Policies
Work Item Content:
- Detailed design of authorization architecture
- Supporting user specified access control policies
- Using XACML in oneM2M authorization system
Why set up this work item: It has been suggested that related topics be discussed first in a TR.

Detailed Design of Authorization Architecture (1/2)
- Investigating the interfaces among authorization components
- Investigating how these components could be distributed in different oneM2M entities
- Investigating how to use service subscription roles

Detailed Design of Authorization Architecture (2/2)
Topics related to interfaces among these components:
- Message flows
- Message contents
- Message formats
Topics related to distributed authorization components:
- Establishing trust relations among authorization components
- Securing message exchanges among authorization components
Topics related to using service subscription roles:
- Retrieving service subscription roles
- RBAC policy and evaluation

Supporting User Specified Access Control Policies
It is difficult to predict all oneM2M access control requirements, so the oneM2M authorization system shall be an extensible system that can support:
- User-defined access control mechanisms
- User-defined access control policy languages

Using XACML in oneM2M authorization system
- eXtensible Access Control Markup Language (XACML) is an XML-based access control language defined by the Organization for the Advancement of Structured Information Standards (OASIS).
- The XACML access control framework conforms to Attribute Based Access Control (ABAC).
- XACML is currently the only standardized access control policy language.

- XACML supports different types of access control mechanisms, e.g. ACL, RBAC, ABAC;
- XACML supports a variety of rule and policy combining algorithms;
- XACML is extensible, e.g. adding new data types, new functions, roles and/or authorization tokens.
XACML Policy Structure and Main Features
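
Added example (not part of the original slides): a simplified Python model of how XACML rule-combining algorithms turn the results of an RBAC-style rule and an ABAC-style rule into one decision. The attribute names, roles and rules are constructed for illustration, and the Indeterminate result defined by the standard is left out.

```python
# Added illustration: simplified XACML-style rule evaluation (no Indeterminate).
# All attribute names, roles and rules below are constructed for this example.
PERMIT, DENY, NA = "Permit", "Deny", "NotApplicable"

def rule(effect, target, condition=lambda req: True):
    """Return an evaluator: effect if target attributes match and condition holds."""
    def evaluate(req):
        matched = all(req.get(k) == v for k, v in target.items())
        return effect if matched and condition(req) else NA
    return evaluate

def deny_overrides(decisions):
    # Any Deny wins; otherwise any Permit; otherwise no rule applied.
    if DENY in decisions:
        return DENY
    return PERMIT if PERMIT in decisions else NA

def permit_overrides(decisions):
    # Any Permit wins; otherwise any Deny; otherwise no rule applied.
    if PERMIT in decisions:
        return PERMIT
    return DENY if DENY in decisions else NA

def first_applicable(decisions):
    # Rule order matters: the first rule that applies decides.
    return next((d for d in decisions if d != NA), NA)

def evaluate_policy(rules, combine, req):
    return combine([r(req) for r in rules])

def pep_allows(decision):
    # Deny-biased enforcement point: only an explicit Permit grants access.
    return decision == PERMIT

# RBAC-style rule: the admin role is permitted.
admin_rule = rule(PERMIT, {"role": "admin"})
# ABAC-style rule: deletes outside 08:00-18:00 are denied; a request with
# no "hour" attribute is treated as outside the window (fails closed).
night_delete_rule = rule(DENY, {"operation": "delete"},
                         lambda req: not 8 <= req.get("hour", -1) < 18)
RULES = [admin_rule, night_delete_rule]
REQUEST = {"role": "admin", "operation": "delete", "hour": 23}  # constructed

if __name__ == "__main__":
    for algo in (deny_overrides, permit_overrides, first_applicable):
        print(algo.__name__, evaluate_policy(RULES, algo, REQUEST))
```

The same two rules give Deny under deny-overrides and Permit under permit-overrides or first-applicable, so the combining algorithm is as much a part of the policy as the rules themselves.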