Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

A holistic approach to security policies - policy distribution with XACML over COPS

: Peters, J.; Rieke, R.; Rochaeli, T.; Steinemann, B.; Wolf, R.


Beek, M. ter:
Second International Workshop on Views on Designing Complex Architectures, VODCA 2006. Proceedings : Bertinoro, Italy, 16-17 September 2006
Amsterdam: Elsevier, 2007 (Electronic Notes in Theoretical Computer Science 168)
ISSN: 1571-0661
International Workshop on Views on Designing Complex Architectures (VODCA) <2, 2006, Bertinoro/Italy>
Konferenzbeitrag, Zeitschriftenaufsatz
Fraunhofer IGD ()
Fraunhofer SIT ()
security policy; web services; access control; security protocol

The potentials of modern information technology can only be exploited, if the underlying infrastructure and the applied applications sufficiently take into account all aspects of IT security. This paper presents the platform architecture of the SicAri project, which aims to build a security platform for ubiquitous Internet usage, and gives an overview of the implicitly and explicitly used security mechanisms to enable access control for service oriented applications in distributed environments. The paper will introduce the security policy integration concept with a special focus on distribution of security policies within the service infrastructure for transparent policy enforcement. We describe in details our extensions of the COPS protocol to transport XACML payload for security policy distribution and policy decision requests/responses.