Protocols for policy negotiation
BMBF-Project SicAri: Deliverable - Work Package PE3; Project duration: 01.10.2003 - 30.09.2007
The scope of the policy working group, in the context of the protocol engineering activities in the SicAri project, is to develop protocols for the negotiation and provisioning of policies in the SicAri architecture. This complements the research in other SicAri work packages, which focuses on policy patterns, the policy-refinement process, policy evaluation, and policy specification languages. This report covers the latest research in the field of policy negotiation and the Web Service Policy Language (WSPL). Further, policy negotiation scenarios are described, SicAri platform bootstrapping is covered, and requirements for policy provisioning and service access in the SicAri platform are derived. After presenting the base technologies used throughout the SicAri framework, such as the Common Open Policy Service (COPS) protocol and extensions thereof, the report introduces the main concepts of Role-Based Access Control (RBAC) and the Extensible Access Control Markup Language (XACML). Finally, the SicAri policy framework is presented, with a focus on the architecture and integration of the policy negotiation and provisioning protocol and on the logical entities that use this facility, such as policy enforcement points (PEPs) and the policy decision point (PDP).
Fraunhofer-Institut für Graphische Datenverarbeitung -IGD-, Darmstadt
Fraunhofer-Institut für Sichere Informationstechnologie -SIT-, Darmstadt
Bundesministerium für Bildung und Forschung -BMBF-