In this thesis, we propose an extension of an existing RAAC abstract model that supports risk assessment, risk-aware authorisation decision making and the use of system and user obligations as risk mitigation methods. We also propose an implementation of the extended abstract model based on XACML, a standard that defines an XML-based language for the specification of access control policies, requests and responses. We develop a novel Risk-Aware Group Based Access Control (RA-GBAC)
Risk-Aware Access Control And XACML
Gasparini, Luca
2013/2014
Abstract
In this thesis, we propose an extension of an existing RAAC abstract model that supports risk assessment, risk-aware authorisation decision making and the use of system and user obligations as risk mitigation methods. We also propose an implementation of the extended abstract model based on XACML, a standard that defines an XML-based language for the specification of access control policies, requests and responses. We develop a novel Risk-Aware Group Based Access Control (RA-GBAC)File in questo prodotto:
File | Dimensione | Formato | |
---|---|---|---|
TesiGasparini1014325.pdf
accesso aperto
Dimensione
748.67 kB
Formato
Adobe PDF
|
748.67 kB | Adobe PDF | Visualizza/Apri |
The text of this website © Università degli studi di Padova. Full Text are published under a non-exclusive license. Metadata are under a CC0 License
Utilizza questo identificativo per citare o creare un link a questo documento:
https://hdl.handle.net/20.500.12608/16598