Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introducing WI Proposal about Authorization Architecture and Policy Group Name: WG4 Source: Wei Zhou, Datang, Meeting Date: Agenda Item:

Published byMyrtle Cunningham Modified over 8 years ago

Similar presentations

Presentation on theme: "Introducing WI Proposal about Authorization Architecture and Policy Group Name: WG4 Source: Wei Zhou, Datang, Meeting Date: Agenda Item:"— Presentation transcript:

1 Introducing WI Proposal about Authorization Architecture and Policy Group Name: WG4 Source: Wei Zhou, Datang, zhouwei@catt.cn Meeting Date: Agenda Item:

2 General Information about The WI Proposal Work Item Title: Study of Authorization Architecture for Supporting Heterogeneous Access Control Policies Work Item Content:  Detailed design of authorization architecture  Supporting user specified access control policies  Using XACML in oneM2M authorization system Why set up this work item: Related topics have been suggested to be firstly discussed in a TR.

3 Detailed Design of Authorization Architecture (1/2) Investigating the interfaces among authoriztion components Investigating how these components could be distributed in different oneM2M entities Investigating how to use service subscription roles

4 Detailed Design of Authorization Architecture (2/2) Topics related to interfaces among these components: Message flows Message contents Message formats Topics related to distributed authorization components: Establishing trust relations among authorization components Securing message exchanges among authorization components Topics related using service subscription roles: Retrieving service subscription roles RBAC policy and evaluation

5 Supporting User Specified Access Control Policies It is difficult to predict all oneM2M access control requirements, so the oneM2M authorization system shall being an extensible system that can support: User-defined access control mechanisms User-defined access control policy languages

6 Using XACML in oneM2M authorization system eXtensible Access Control Markup Language (XACML) is an XML-based access control language defined by the Organization for the Advancement of Structured Information Standards (OASIS). XACML access control framework conforms to the Attribute Based Access Control (ABAC). XACML is currently the only standardized access control policy language.

7 XACML supports different types of access control mechanisms, e.g. ACL, RBAC, ABAC; XACML supports a variety of rule and policy combing algorithms; XACML is extensible, e.g. adding new data types, new functions, roles and/or authoriztion tokens. XACML Policy Structure and Main Features

Download ppt "Introducing WI Proposal about Authorization Architecture and Policy Group Name: WG4 Source: Wei Zhou, Datang, Meeting Date: Agenda Item:"

Similar presentations

The eXtensible Markup Language (XML) An Applied Tutorial Kevin Thomas.

The eXtensible Markup Language (XML) An Applied Tutorial Kevin Thomas.
Access Control Mechanism for User Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: 2013-12-9 Agenda Item:

Access Control Mechanism for User Group Name: SEC WG Source: Seongyoon Kim, LG Electronics, Meeting Date: Agenda Item:
Problem of Current Notification Group Name: ARC WG Source: Heedong Choi, LG Electronics, Meeting Date: ARC 9.0 Agenda Item: TBD.

Problem of Current Notification Group Name: ARC WG Source: Heedong Choi, LG Electronics, Meeting Date: ARC 9.0 Agenda Item: TBD.
Authz work in GGF David Chadwick

Authz work in GGF David Chadwick
Web Services and the Semantic Web: Open Discussion Session Diana Geangalau Ryan Layfield.

Web Services and the Semantic Web: Open Discussion Session Diana Geangalau Ryan Layfield.
Secure Systems Research Group - FAU Patterns for access control E.B. Fernandez.

Secure Systems Research Group - FAU Patterns for access control E.B. Fernandez.
Information Retrieval in Practice

Information Retrieval in Practice
Semantic Annotation Options for Release2 Group Name: MAS WG Source: Catalina Mladin, Lijun Dong, InterDigital Meeting Date: 2015-03-16 Agenda Item: TBD.

Semantic Annotation Options for Release2 Group Name: MAS WG Source: Catalina Mladin, Lijun Dong, InterDigital Meeting Date: Agenda Item: TBD.
Securing Web Services Using Semantic Web Technologies Brian Shields PhD Candidate, Department of Information Technology, National University of Ireland,

Securing Web Services Using Semantic Web Technologies Brian Shields PhD Candidate, Department of Information Technology, National University of Ireland,
XACML By Ganesh Godavari Craig Peltier. Information Sharing Information Sharing relates to the sharing of information between two or more entities. Entities.

XACML By Ganesh Godavari Craig Peltier. Information Sharing Information Sharing relates to the sharing of information between two or more entities. Entities.
Overview of Search Engines

Overview of Search Engines
Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.

Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.
Audumbar. Access control and privacy Who can access what, under what conditions, and for what purpose.

Audumbar. Access control and privacy Who can access what, under what conditions, and for what purpose.
Combining KMIP and XACML. What is XACML? XML language for access control Coarse or fine-grained Extremely powerful evaluation logic Ability to use any.

Combining KMIP and XACML. What is XACML? XML language for access control Coarse or fine-grained Extremely powerful evaluation logic Ability to use any.
1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo

1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo
A Policy Framework for Multicast Group Control Salekul Islam and J. William Atwood Concordia University Department of Computer Science and Software Engineering.

A Policy Framework for Multicast Group Control Salekul Islam and J. William Atwood Concordia University Department of Computer Science and Software Engineering.
RoA and SoA Integration for Message Brokers Group Name: WG2-ARC Source: ALU Meeting Date: 2013-10-21 Agenda Item:

RoA and SoA Integration for Message Brokers Group Name: WG2-ARC Source: ALU Meeting Date: Agenda Item:
Mechanism to support establishment of charging policies Group Name: WG2-ARC Source: InterDigital Meeting Date: TP8 Agenda Item:

Mechanism to support establishment of charging policies Group Name: WG2-ARC Source: InterDigital Meeting Date: TP8 Agenda Item:
SAML, XACML & the Terrorism Information Sharing Environment “Interoperable Trust Networks” XML Community of Practice February 16, 2005 Martin Smith Program.

SAML, XACML & the Terrorism Information Sharing Environment “Interoperable Trust Networks” XML Community of Practice February 16, 2005 Martin Smith Program.
WS-Security: SOAP Message Security Web-enhanced Information Management (WHIM) Justin R. Wang Professor Kaiser.

WS-Security: SOAP Message Security Web-enhanced Information Management (WHIM) Justin R. Wang Professor Kaiser.

Similar presentations

Ads by Google