References in periodicals archive ?
In the next subsections we give an overview of XACML and XACML profiles.
That is to say, although XACML permits authorization
A framework introduced in [21] supports not only authentication but also authorization, enabled by creating an Authorization Server which issues access tokens according to security rules stored in XACML [79], an XML schema for representing authorization and entitlement policies.
Jang, "Role-based access control for substation automation systems using XACML," Information Systems, vol.
The third goal of this work is to ensure secure authorization by using Extendable Access Control Markup Language (XACML).
According to the data-flow model of XACML [11], we designed the access-control model depicted in Figure 3.
Moses (Ed.), Extensible Access Control Markup Language (XACML) Version 2.0, OASIS Consortium, 2005.
NextLabs (nextlabs.com) began as a provider of data loss prevention (DLP) solutions, then moved upstream into enterprise rights management to offer a more complete security solution, which it terms "information risk management." The software is based on eXtensible Access Control Markup Language (XACML) from the standards body OASIS (oasis-open.org).
The eXtensible Access Control Markup Language (XACML) is an XML-based Web service standard for communicating access control policies between services.
Martin Lambert, CTO and founder of SealedMedia, takes a different view of the ISO standard: "In practice, interoperability between E-DRM solutions is not proving a useful use case for RELs because (a) there are more competing RELs (e.g., XrML, ODRL, XACML, etc.) than viable competing E-DRM solutions, and (b) different E-DRM solutions use completely different cryptographic file formats and rights models, so being able to "speak" a common REL represents less than 1% of what is required for E-DRM interoperability."
Authors in [36, 37] present analysis techniques based on SMT solvers for analyzing XACML and variant of RBAC policies.