Skip to Main Content
Attribute Based Access Control can define permissions based on just about any security relevant characteristics of requestors, actions, resources, and environment, known as attributes. XACML is an access control OASIS standard compliant to this approach. Although XACML seems to allow the specification and enforcement of any access control policy, current tools can require modifying the source code of the authorization decision system when policy includes non-standard information. In this article, we present an XACML authorization web service that can be extended when needed. It is composed of a core element implementing OASIS standard and additional modules for new security information. We apply this approach to dynamic web sites access control management.
Date of Conference: Nov. 29 2009-Dec. 4 2009