Access Process of Data-Flow in Cross-Domain Usage Control Model Based on XACML


Article Preview

With the rapid development of information technology, more and more requesters need accessing the services in different access domains, which make the access process in cross-domain become more difficultly. The traditional access control models couldn’t solve the access process for their design limitations and diversity access policies. Usage control model (UCON) was proposed to strengthen the expression of access control model, but UCON is only a conceptual model. How to use the UCON in access process? It is worthwhile to further study. Extensible access control markup language (XACML) is an open standard XML-based language, which can be used to describe the security policy. In order to solve the access process in different access domains, based on XACML, access process of data-flow in cross-domain usage control model is proposed in the paper. Access process of data-flow cross different domains in XACML is introduced to solve the cross-domain problem. Finally, a small example is given to verify the effectiveness of access process.



Advanced Materials Research (Volumes 143-144)

Edited by:

H. Wang, B.J. Zhang, X.Z. Liu, D.Z. Luo, S.B. Zhong






C. Y. Dai et al., "Access Process of Data-Flow in Cross-Domain Usage Control Model Based on XACML", Advanced Materials Research, Vols. 143-144, pp. 1275-1279, 2011

Online since:

October 2010




[1] J. Park, R. Sandhu, Security Architecture for Controlled Digital Information Dissemination, Proceedings of the Sixteenth Annual Computer Security Applications Conference (ASSAC), IEEE (2000): 224-233.

[2] eXtensible Access Control Markup Language (XACML) 1. 0 Specification, OASIS Standard, (2003): 4-23.

[3] Xinwen Zhang, Ravi Sandhu, and Francesco Parisi-Presicce, Safety analysis of usage control authorization models", ACM ASIACCS, 06, March 21-24, Taipei, Taiwan, (2006).

DOI: 10.1145/1128817.1128853

[4] R. Sandhu, E.J. Coyne, H.L. Feinstein and C.E. Youman, Role-based access control Models, IEEE Computer, Vol. 29, No. 2, (1996): 38-47.

DOI: 10.1109/2.485845

[5] Xinwen Zhang, Formal model and analysis of usage control, Ph.D. thesis, George Mason University, Fairfax, Virginia, (2006): 3-15.

[6] J. Park, R. Sandhu, The UCONABC usage control model, ACM Transactions on Information and System Security (TISSEC), Vol. 7, No. 1, (2004): 128-174.

DOI: 10.1145/984334.984339

[7] Guoping Zhang, Wentao Gong, Research of Trust Management in Web Services Based on Feedback and Time Decay, 2009 International Symposium on Computer Network and Multimedia Technology (CNMT2009), IEEE (2009): 823-823.

DOI: 10.1109/cnmt.2009.5374501

[8] J. Park, R. Sandhu, Towards usage control models: beyond traditional access control, ACM Symposium on Access control Models and Technologies, Vol. 2, No. 3, (2002): 57-64.

DOI: 10.1145/507721.507722

[9] J. Park, R. Sandhu, Originator Control in Usage Control, Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks(POLICY02), IEEE(2002): 60-66.

DOI: 10.1109/policy.2002.1011294

[10] Changying Dai, Wentao Gong, Model of Services Trust Threshold Assess Based on Fuzzy Theory, 2010 International Conference on E-business and Information System Security (EBISS2010), IEEE (2010): 85-88.

DOI: 10.1109/ebiss.2010.5473596

In order to see related information, you need to Login.