PEP Similarity Credential Repository Gossip protocol Access request Credential request Reputation-based Similarity Evaluator AC Policy Request Decision.


[Figure: architecture diagram. Labels: PEP; Similarity Credential Repository; Gossip protocol; Access request; Credential request; Reputation-based Similarity Evaluator; AC Policy; Request; Decision; TM Policy; Predicate Layer; Constraint rules; Global Ontology; Local Ontology; PDP; Semantic Web Library; TM algorithm.]

What is done
• PDP: SWI-Prolog
• Credential repository: PostgreSQL
• Request format: XACML + SAML Profile

[Figure: the same architecture diagram, annotated with implementation technologies (SWI Prolog, PostgreSQL, XACML) and project assignments (Project 1a, Project 2a, Project 1b&2b, Project 3a, Project 3b).]

Project 1a (2 persons)
PEP and interface with PDP
• Component that waits for requests (also from other computers) and forwards the requests to the PDP
• Interface between this component and PDP
  – Translate XML requests into Prolog queries
  – Return decision made by the PDP to the PEP
Requirements
• Format of request (XACML-based) to PEP
  – Ac: Subj, obj, action, list of creds.
  – Cred: Subj, Attr, list of creds.
• Interface Java/Prolog
  – e.g., JPL ( prolog.org/packages/jpl/java_api/index.html)
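
An added example (not part of the original slides) of the Project 1a translation step: it parses a request carrying the Ac and Cred fields listed above and emits a Prolog query as text, quoting every field as an atom. The XML element and attribute names and the decide/5 predicate are assumptions made for illustration; the slides do not define them.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

public class RequestToProlog {
    // Quote a string as a Prolog atom. Backslash and single quote are escaped,
    // so a request field cannot terminate the atom and alter the query.
    static String atom(String s) {
        return "'" + s.replace("\\", "\\\\").replace("'", "\\'") + "'";
    }

    // Cred: Subj, Attr, list of creds (nested supporting credentials).
    static String cred(Element c) {
        return "cred(" + atom(c.getAttribute("subj")) + "," + atom(c.getAttribute("attr"))
                + "," + creds(c) + ")";
    }

    // Build a Prolog list from the direct <Cred> children (assumed element name).
    static String creds(Element parent) {
        StringBuilder sb = new StringBuilder("[");
        NodeList kids = parent.getChildNodes();
        for (int i = 0; i < kids.getLength(); i++) {
            if (kids.item(i) instanceof Element && "Cred".equals(kids.item(i).getNodeName())) {
                if (sb.length() > 1) sb.append(",");
                sb.append(cred((Element) kids.item(i)));
            }
        }
        return sb.append("]").toString();
    }

    // Ac: Subj, obj, action, list of creds. decide/5 is a hypothetical PDP predicate.
    static String toQuery(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        // Requests arrive from other computers: refuse DTDs so no entities are expanded.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Element ac = f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)))
                .getDocumentElement();
        return "decide(" + atom(ac.getAttribute("subj")) + "," + atom(ac.getAttribute("obj"))
                + "," + atom(ac.getAttribute("action")) + "," + creds(ac) + ",Decision)";
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample request; the apostrophe in the subject exercises the quoting.
        String xml = "<Ac subj=\"dr. o'brien\" obj=\"record42\" action=\"read\">"
                + "<Cred subj=\"dr. o'brien\" attr=\"doctor\"><Cred subj=\"hospital\" attr=\"issuer\"/></Cred></Ac>";
        System.out.println(toQuery(xml));
    }
}
```

With JPL the same query can be assembled from term objects instead of text, which removes the quoting step altogether.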

Project 2a (2 persons)
TM Algorithms
• Chain Discovery (RT algorithms)
• Simulations in Distributed Systems
Requirements
• Java interface between Prolog engines
• No requirements on the msg exchange format at this stage of the project
Reference
• Ninghui Li, William H. Winsborough, and John C. Mitchell. Distributed Credential Chain Discovery in Trust Management. Journal of Computer Security, volume 11, number 1, pp , February 2003.

Project 1b&2b (4 persons)
Integrate 1a and 2a
• Integrate the TM Algorithm into the PEP-PDP
• Request of remote credentials specified as XACML/SAML requests
• Credential Issuing XACML/SAML

Project 3a (3 persons)
Extend the PDP with a component for reputation-based decisions
• Component for assessing the similarity between two concepts
• Retrieve similarity credentials from the repository
• Implement similarity metrics
• Interface between PDP and this component

Project 3b (3 persons)
Design a protocol for the exchange of similarity credentials among peers.
• Gossip protocols
Reference
• A. Demers, D. Greene, C. Hauser, W. Irish, J. Larson, S. Shenker, H. Sturgis, D. Swinehart, D. Terry, “Epidemic algorithms for replicated database maintenance”, Proc. ACM Symp. on Principles of Distributed Computing,
• S. Hedetniemi, S. Hedetniemi, A. Liestman, “A survey of gossiping and broadcasting in communication networks”, Networks 18(1988).