Presentation is loading. Please wait.

Presentation is loading. Please wait.

PEP Similarity Credential Repository Gossip protocol Access request Credential request Reputation-based Similarity Evaluator AC Policy Request Decision.

Published byCandace Atkinson Modified over 9 years ago

Similar presentations

Presentation on theme: "PEP Similarity Credential Repository Gossip protocol Access request Credential request Reputation-based Similarity Evaluator AC Policy Request Decision."— Presentation transcript:

1 PEP Similarity Credential Repository Gossip protocol Access request Credential request Reputation-based Similarity Evaluator AC Policy Request Decision TM Policy Predicate Layer Constraint rules Global OntologyLocal Ontology PDP Semantic Web Library TM algorithm

2 What is done PDP SWI-Prolog (http://www.swi-prolog.org/) Credential repository PostgreSQL (http://www.postgresql.org/)http://www.postgresql.org/ Request Format XACML + SAML Profile (http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml)

3 SWI Prolog PEP Similarity Credential Repository Gossip protocol Access request Credential request Reputation-based Similarity Evaluator AC Policy Request Decision TM Policy Predicate Layer Constraint rules Global OntologyLocal Ontology PDP Semantic Web Library TM algorithm SWI Prolog PostgreSQL Project 1a XACML Project 2a Project 1b&2b Project 3a Project 3b

4 Project 1a (2 persons) PEP and interface with PDP Component that waits for requests (also from other computers) and forwards the requests to the PDP Interface between this component and PDP – Translate XML requests into Prolog queries – Return decision made by the PDP to the PEP Requirements Format of request (XACML-based) to PEP – Ac: Subj, obj, action, list of creds. – Cred: Subj, Attr, list of creds. Interface Java/Prolog – e.g., JPL (http://www.swi- prolog.org/packages/jpl/java_api/index.html)

5 Project 2a (2 persons) TM Algorithms Chain Discovery (RT algorithms) Simulations in Distributed Systems Requirements Java interface between Prolog engines No requirements on the msg exchange format at this stage of the project Reference Ninghui Li, William H. Winsborough, and John C. Mitchell. Distributed Credential Chain Discovery in Trust Management. Journal of Computer Security, volume 11, number 1, pp. 35-86, February 2003.

6 Project 1b&2b (4 persons) Integrate 1a and 2a  Integrate the TM Algorithm into the PEP-PDP  Request of remote credentials specified as XACML/SAML requests  Credential Issuing XACML/SAML

7 Project 3a (3 persons) Extend the PDP with a component for reputation- based decisions Component for assessing the similarity between two concepts Retrieve similarity credentials from the repository Implement similarity metrics Interface between PDP and this component

8 Project 3b (3 persons) Design a protocol for the exchange of similarity credentials among peers. Gossip protocols Reference A. Demers, D. Greene, C. Hauser, W. Irish, J. Larson, S. Shenker, H. Stuygis, D. Swinehart, D. Terry, “Epidemic algorithms for replicated database maintenance”, Proc. ACM Symp. on Principles of Distributed Computing, 1987. S. Hedetniemi, S. Hedetniemi, A. Liestman, “A survey of gossiping and broadcasting in communication networks”, Networks 18(1988).

Download ppt "PEP Similarity Credential Repository Gossip protocol Access request Credential request Reputation-based Similarity Evaluator AC Policy Request Decision."

Similar presentations

0 McLean, VA August 8, 2006 SOA, Semantics and Security.

0 McLean, VA August 8, 2006 SOA, Semantics and Security.
Project of the Darmstadt University of Technology within the competence network New Services, Standardization, Metadata (bmb+f) Stephan Körnig Ali Mahdoui.

Project of the Darmstadt University of Technology within the competence network New Services, Standardization, Metadata (bmb+f) Stephan Körnig Ali Mahdoui.
Retrieval of Information from Distributed Databases By Ananth Anandhakrishnan.

Retrieval of Information from Distributed Databases By Ananth Anandhakrishnan.
New Challenges for Access Control April 27, 2005 1 Improving Usability and Expressiveness with Dynamic Policies and Obligations Dennis Kafura Markus Lorch.

New Challenges for Access Control April 27, Improving Usability and Expressiveness with Dynamic Policies and Obligations Dennis Kafura Markus Lorch.
0 General information Rate of acceptance 37% Papers from 15 Countries and 5 Geographical Areas –North America 5 –South America 2 –Europe 20 –Asia 2 –Australia.

0 General information Rate of acceptance 37% Papers from 15 Countries and 5 Geographical Areas –North America 5 –South America 2 –Europe 20 –Asia 2 –Australia.
Authz work in GGF David Chadwick

Authz work in GGF David Chadwick
Web Services and the Semantic Web: Open Discussion Session Diana Geangalau Ryan Layfield.

Web Services and the Semantic Web: Open Discussion Session Diana Geangalau Ryan Layfield.
XACML 2.0 and Earlier Hal Lockhart, Oracle. What is XACML? n XML language for access control n Coarse or fine-grained n Extremely powerful evaluation.

XACML 2.0 and Earlier Hal Lockhart, Oracle. What is XACML? n XML language for access control n Coarse or fine-grained n Extremely powerful evaluation.
Augustin Chaintreau Pierre FraigniaudEmmanuelle Lebhar ThomsonCNRSCNRS ParisUniversite Paris DiderotUniversite Paris Diderot Paper Discussed by: Ranjeet.

Augustin Chaintreau Pierre FraigniaudEmmanuelle Lebhar ThomsonCNRSCNRS ParisUniversite Paris DiderotUniversite Paris Diderot Paper Discussed by: Ranjeet.
Peer-to-peer archival data trading Brian Cooper Joint work with Hector Garcia-Molina (and others) Stanford University.

Peer-to-peer archival data trading Brian Cooper Joint work with Hector Garcia-Molina (and others) Stanford University.
 SOA is not a newly invented concept  It brings together existing concepts and practices  Distributed in a network through interfaces  Utilized by.

 SOA is not a newly invented concept  It brings together existing concepts and practices  Distributed in a network through interfaces  Utilized by.
Software Frameworks for Acquisition and Control European PhD – 2009 Horácio Fernandes.

Software Frameworks for Acquisition and Control European PhD – 2009 Horácio Fernandes.
95-804 Applied Cryptography Week 13 SAML 1 95-804 Applied Cryptography SAML and XACML Mike McCarthy Week 13.

Applied Cryptography Week 13 SAML Applied Cryptography SAML and XACML Mike McCarthy Week 13.
A Heterogeneous Network Access Service based on PERMIS and SAML Gabriel López Millán University of Murcia EuroPKI Workshop 2005.

A Heterogeneous Network Access Service based on PERMIS and SAML Gabriel López Millán University of Murcia EuroPKI Workshop 2005.
An Introduction to Decentralized Trust Management Sandro Etalle University of Twente thanks to William H. Winsborough – University of Texas S. Antonio.

An Introduction to Decentralized Trust Management Sandro Etalle University of Twente thanks to William H. Winsborough – University of Texas S. Antonio.
1 Provenance in O RCHESTRA T.J. Green, G. Karvounarakis, Z. Ives, V. Tannen University of Pennsylvania Principles of Provenance (PrOPr) Philadelphia, PA.

1 Provenance in O RCHESTRA T.J. Green, G. Karvounarakis, Z. Ives, V. Tannen University of Pennsylvania Principles of Provenance (PrOPr) Philadelphia, PA.
Patient Record System Team A DBM/381 February 4, 2013 John Italiano.

Patient Record System Team A DBM/381 February 4, 2013 John Italiano.
Audumbar. Access control and privacy Who can access what, under what conditions, and for what purpose.

Audumbar. Access control and privacy Who can access what, under what conditions, and for what purpose.
Combining KMIP and XACML. What is XACML? XML language for access control Coarse or fine-grained Extremely powerful evaluation logic Ability to use any.

Combining KMIP and XACML. What is XACML? XML language for access control Coarse or fine-grained Extremely powerful evaluation logic Ability to use any.
1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo

1 © Talend 2014 XACML Authorization Training Slides 2014 Jan Bernhardt Zsolt Beothy-Elo

Similar presentations

Ads by Google