OASIS Mailing List Archives

xacml message


Subject: pointer to previous work


As requested at the face-to-face meeting, below are pointers to some
previous work we have done at UNIMI on access control policies and
that is related to the activities of the committee.

- E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati,
  ``Securing XML Documents,'' in Proc. of the 2000 International
  Conference on Extending Database Technology (EDBT2000), Konstanz,
  Germany, March 27-31, 2000


- E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati,
  ``Design and Implementation of an Access Control Processor for XML
  Documents,'' in Computer Networks, vol. 33, no. 1-6, 2000, pp. 59-75;
  and Proc. of the Ninth International World Wide Web Conference
  (WWW9), Amsterdam, May 15-19, 2000.


	These are the papers that present our fine-grained access
	control for XML documents.

- E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati,
  ``Fine-Grained Access Control for SOAP E-Services,''
  in Proc. of the Tenth International World Wide Web Conference
  (WWW10), Hong Kong, May 1-5, 2001.


	This paper presents an extension to our access control system
	for regulating access to SOAP e-services. The approach is
	based on intercepting and filtering requests.

- S. Jajodia, P. Samarati, M.L. Sapino, and V.S. Subrahmanian,
  ``Flexible Support for Multiple Access Control Policies,''
  in ACM Transactions on Database Systems, to appear.


	It presents a logic-based language for expressing security

- P. Bonatti, S. De Capitani di Vimercati, and P. Samarati, ``An
  Algebra for Composing Access Control Policies,''
  in ACM Transactions on Information and System Security, to appear.


	It presents an algebra for expressing complex policies
	characterized by merging different components that need to be
	maintained independently.

- P. Bonatti, P. Samarati, ``Regulating Service Access and Information
  Release on the Web,'' in Proc. 7th ACM Conference on Computer and
  Communications Security, Athens, Greece, November 1-4, 2000.


	It presents a security model for regulating access in open
	distributed environments where clients may not be known
	a priori to servers. It supports certificate-based
	authorizations.  It also addresses the problem of
	security policy communication between server and client (as
	the server needs to tell the clients which certificates may be
	necessary for an access).

- P. Bonatti, E. Damiani, S. De Capitani di Vimercati, P. Samarati,
  ``An Access Control Model for Data Archives,''
  in IFIP-TC11 International Conference on Information Security,
  Paris, France, June 11-14, 2001.


	It presents an access control for regulating access to data
	archives. The goal there was to present a solution that was
	expressive enough to cover the requirements gathered by the
	partners but at the same time simple. Particular attention was
	devoted to the language for specifying authorizations. You can
	see this as an input for use cases (as the solution was based
	on protection requirements collected from users).

- P. Samarati and S. De Capitani di Vimercati, ``Access Control:
  Policies, Models, and Mechanisms,''
  in Foundations of Security Analysis and Design, R. Focardi and
  R. Gorrieri (eds), LNCS 2172, Springer-Verlag.


	Survey chapter on security policies and models.
