Rolf Schillinger scite author profile

Rolf Schillinger

5Publications

32Citation Statements Received

43Citation Statements Given

How they've been cited

How they cite others

Affiliations

Technical University of Applied Sciences Würzburg-Schweinfurt, University of Regensburg, University of Augsburg

Publications

Order By: Most citations

A Privacy-Enhanced Attribute-Based Access Control System

Kolter

Schillinger

Pernul

2007

View full text Add to dashboard Cite

Service-oriented architectures (SOAs) are increasingly gaining popularity due to their considerable flexibility and scalability in open IT-environments. Along with their rising acceptance comes the need for well suited security components. In this respect, access control and privacy emerged to crucial factors. Targeting the demands of a SOA, many promising authorization models have been developed, most notably the attribute-based access control (ABAC) model. In this paper we take up concepts from the OASIS XACML and WS-XACML specifications and introduce a dynamic ABAC system that incorporates privacy preferences of the service requestor in the access control process. Separating the Policy Decision Point from the service provider's premises, our infrastructure enables the deployment of alternative PDPs the service requestor can choose from. We employ a PKI to reflect the sufficient trust relation between the service provider and a potential PDP. Our work is carried out within the European research project Access-eGov that aims at a European-wide e-Government service platform.

show abstract

Security Requirements for a Semantic Service-oriented Architecture

Dürbeck

Schillinger

Kolter

2007

View full text Add to dashboard Cite

Service-oriented architectures (SOAs) are a commonly used paradigm for IT infrastructures in various fields. Due to their flexibility and the easy accessibility of their underlying web services, SOAs are the architecture of choice for more and more service providers. Semantic SOAs (SSOAs) are going one step further and are enhancing the common SOA with semantic components.However, a major success criterion of any SOA is the existence of a reliant security infrastructure. Therefore, this paper identifies security requirements for an eGovernment SSOA focusing on communication security, trust, privacy and access control. Our work is based on the architecture designed within the scope of the European research project Access-eGov, which envisions the development of a SSOAbased eGovernment platform.

show abstract

Building a Distributed Semantic-aware Security Architecture

Kolter

Schillinger

Pernul

2007

View full text Add to dashboard Cite

Abstract. Enhancing the service-oriented architecture paradigm with semantic components is a new field of research and goal of many ongoing projects. The results lead to more powerful web applications with less development effort and better user support. While some of these advantages are without doubt novel, challenges and opportunities for the security arise. In this paper we introduce a security architecture built in a semantic service-oriented architecture. Focusing on an attributebased access control approach, we present an access control model that facilitates semantic attribute matching and ontology mapping. Furthermore, our security architecture is capable of distributing the Policy Decision Point (PDP) from the service provider to different locations in the platform, eliminating the need of disclosing privacy-sensitive user attributes to the service provider. With respect to privacy preferences of the user and trust settings of the service provider, our approach allows for dynamically selecting a PDP. With more advanced trusted computing technology in the future it is possible to place the PDP on user side, reaching a maximum level of privacy.

show abstract

A Semantic Security Architecture for Web Services The Access-eGov Solution

Dürbeck

Fritsch

Pernul

et al. 2010

View full text Add to dashboard Cite

Abstract-The shift from mere service-oriented architectures (SOA) to semantically enriched approaches is especially being forced in multi-domain environments that the public sector in the European Union is an example for. The security aspect is lagging behind its possibilities, and new access control approaches native to the semantic environment need to be applied. Based on architectural research work conducted within the EU-funded research project Access-eGov, we outline our implementation of a semantic security architecture for web services by using industry-standard technologies and combining them with semantic enhancements.

show abstract

Sprengtechnik und Umwelt in der Praxis

Schillinger¹

2009

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.