tailieunhanh - An authorisation policy management model in federations

The net result is that a resource’s authorisation system is able to use user credentials built from preexisting attributes issued by any participating organisation, in order to determine a user’s access rights to the various resources, without requiring credentials to be issued that are based on federation specific attributes. The model significantly simplifies the authorisation management process for the resource holding organisation. | VNU Journal of Science: Comp. Science & Com. Eng, Vol. 34, No. 1 (2018) 19-29 An Authorisation Policy Management Model in Federations Vu Ngoc Cham*, Nguyen Tuan Anh Electric Power University, Hanoi, Vietnam Abstract A federation is usually an alliance of organisations where users from one organisation are trusted to access resources in another organisation. The membership of federations is diverse and continually changing. Federations require distributed and dynamic security policy management to meet these challenges. We propose an authorisation policy management model, FABACD, which simplifies the management of collaborations between organisations. It allows distributed and trusted administrators to adjust the authorisation policies in a resource holding organisation, whilst ensuring that the latter remains in ultimate control. The net result is that a resource’s authorisation system is able to use user credentials built from preexisting attributes issued by any participating organisation, in order to determine a user’s access rights to the various resources, without requiring credentials to be issued that are based on federation specific attributes. The model significantly simplifies the authorisation management process for the resource holding organisation. Received 12 April 2018, Revised 18 June 2018, Accepted 18 June 2018 Keywords: Authorisation management, collaboration management, federations, distributed workflows, ABAC. 1. Introduction* (the issuing organisation) request access to some sensitive information in another (target) organisation, the authorisation system of the target organisation either needs to issue its own new credentials to these new users, or needs to be configured to recognise the issuing organisation and its credentials (and the attributes embedded in them), so that users with those credentials can gain access to its protected resources. In the latter case, the target organisation’s authorisation system must validate and understand .

• Quản lý Nhà nước
• VNU Journal of Science
• An authorisation policy management model in federations
• An authorisation policy management model
• The resource holding organisation
• Resource’s authorisation system
• Data processing methods for deep level transients measurement
• Deep level transients measurement
• The Faculty of Physics
• VNU University of Science
• The main three approaches widely
• Journal of science
• Publications and trends of research in foreign language majors
• VNU university of languages and international studies
• A preliminary survey
• Dissertations by master and doctoral students
• Abbreviation detection in Vietnamese clinical texts
• Science Abbreviation detection
• Vietnamese clinical texts
• The readability of the records
• metamorphism
• earth sciences
• Research
• scientific research
• scientific reports
• HydrodynamicEnvironmental
• Bathymetry Mapping
• Estimation
• DETERMINING FLOW
• ASTER Data
• HANOI BUS
• Characteristics
• GEOLOGICAL MAP
• evapotranspiration
• biosolids application
• Environmental
• Assessment
• Photochemical
• remote sensing
• Building land
• Classification
• Landscape
• Thunderstorm forecast
• submerged
• Cu concentration