Location Awareness Extensions to XGTRBAC David W' Bettis - PowerPoint PPT Presentation

1 / 1
About This Presentation
Title:

Location Awareness Extensions to XGTRBAC David W' Bettis

Description:

Use Geographic Markup Language (GML) as attributes in credentials. GML has the concepts of... Attribute name='campus' type='Feature' usage='mand' ... – PowerPoint PPT presentation

Number of Views:36
Avg rating:3.0/5.0
Slides: 2
Provided by: coj9
Category:

less

Transcript and Presenter's Notes

Title: Location Awareness Extensions to XGTRBAC David W' Bettis


1
Location Awareness Extensions to X-GTRBACDavid
W. Bettis
Example
Overview
ltXCredTypeDef xctd_id"Campus_XCTD"gt
ltCredentialType cred_type_id"cS"
type_name"Student ref"StudentSchema"gt
ltAttributeListgt ltAttribute name"campus"
type"Feature" usage"mand" /gt
lt/AttributeListgt lt/CredentialTypegt
ltCredentialType cred_type_id"cSS"
type_name"StudentSchema" /gt lt/XCredTypeDefgt ltRol
e role_id"rSS" role_name"StudentSchemaRole"gt
ltCredType cred_type_id"cSS" type_name"StudentSch
ema"gt ltEnabConstraintgt ltEnabConditiongt
ltLogicalExprgt ltPredicategt
ltOperatorgtcontained_inlt/Operatorgt
ltFuncNamegtgetCampusSectorlt/FuncNamegt
ltRetValue type"reference"gtcampuslt/RetValuegt
lt/Predicategt lt/LogicalExprgt
lt/EnabConditiongt lt/EnabConstraintgt
lt/CredTypegt lt/Rolegt ltRole role_id"rSP"
role_name"SPurdue"gt ltCredType
cred_type_id"cSS" type_name"Student"gt
ltCredExprgt ltAttribute name"campus"gt
ltFeaturegt lt!-- optional descriptive metadata
--gt ltgmlnamegtPurdue University-West
Lafayettelt/gmlnamegt ltgmldescriptiongtA
fantastic school.lt/gmldescriptiongt lt!--
This is the rectangular area defining Purdue.
--gt ltgmlextentOfgt ltgmlEnvelopegt
ltgmllowerCornergt0 0lt/gmllowerCornergt
ltgmlupperCornergt100 100lt/gmlupperCornergt
lt/gmlEnvelopegt lt/gmlextentOfgt
lt/Featuregt lt/Attributegt lt/CredExprgt
lt/CredTypegt lt/Rolegt
  • GEO-RBAC RBAC with notions of location allows
    spatial constraints on roles
  • X-GTRBAC a generalized XML formulation for
    RBAC, additionally supporting temporal
    constraints
  • Project goal Extend X-GTRBAC to describe
    GEO-RBAC policies.

Spatial Structures
  • Need to have a way to represent features and
    geometries in XML
  • Use Geographic Markup Language (GML) as
    attributes in credentials
  • GML has the concepts of
  • Features, which have a set of pre-defined
    attributes (name, description, boundedBy), but
    are abstract, so depend on an application schema
  • Geometries, points, polygons, so on and so forth.
  • Define an element ltFeaturegt derived from
    ltgml_Featuregt which has a single required
    element gmlextentOf

Spatial Constraints
  • Use credentials to specify spatial constraints
  • The ltFuncNamegt needs to go and fetch the users
    absolute position and translate it to a feature
  • Augment the set of operators with contained_in,
    which tests for geometric containment

Role Schemas
  • This approach results in rather lengthy policy
    descriptions
  • Would rather have ltFeaturegt not be duplicated
  • So role schemas are implemented as credentials
    that reference other credentials

CS 526 Information Security Fall 2005
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Location Awareness Extensions to XGTRBAC David W' Bettis" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!