Validation of Access Control Systems

Bertolino, Antonia; Le, Traon Yves; Lonetti, Francesca; Marchetti, Eda; Mouelhi, Tejeddine

doi:10.1007/978-3-319-07452-8_9

Cited by 2 publications

(6 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This model relies on classical eXtensible Access Control Markup Language (XACML) [9] based approaches, which are already widely used today in corporations to enforce dataaccess control. XACML is a de-facto standard in the field of data security policy languages [10,11]. In earlier days, policies were directly included into applications and were mixed up with application logic.…”

Section: Sunfish: Secure Cloud Federationsmentioning

confidence: 99%

“…The PDP is now able to authenticate the user and authorizes access to the requested cloud application (10). When access has been granted by the PDP, PEG-A assembles required identity and role attributes (11). These attributes are added to the user's applicationaccess request that is then forwarded to the cloud application.…”

Section: Process Flowsmentioning

confidence: 99%

“…If the provided data can be verified successfully, IDP-X creates an eIDAScompliant identity assertion (10). This assertion is transmitted to IDP-Y via the established eIDAS-based eID-interoperability framework (11). If necessary, IDP-Y transforms the received assertion, e.g.…”

Section: Process Flowsmentioning

confidence: 99%

See 2 more Smart Citations

A Federation of Federations: Secure Cloud Federations meet European Identity Federations

Zefferer¹,

Ziegler

Reiter³

2018

IJISR

View full text Add to dashboard Cite

In the field of information-technology (IT) federation of systems allows combining multiple components in order to provide better service quality or reduce administrative overhead. Two important domains in the field of federated solutions include cloud computing and electronic identity (eID). However, most research in this field has so far focused on one specific domain without considering cross-domain federations. The problem of creating a federation of federations, composed of multiple federated solutions from different domains into one holistic solution has not been adequately addressed up to now. As a result, potentials and limitations of combined federated solutions remain unclear. We bridge this gap by proposing a solution that integrates an existing pan-European federation of national eID systems into a framework that enables secure cloud federations. We further demonstrate the feasibility and great potential of combining multiple federations from different IT domains in a successful implementation and deployment.

show abstract

Section: Sunfish: Secure Cloud Federationsmentioning

confidence: 99%

Section: Process Flowsmentioning

confidence: 99%

See 1 more Smart Citation

A Federation of Federations: Secure Cloud Federations meet European Identity Federations

Zefferer¹,

Ziegler

Reiter³

2018

IJISR

View full text Add to dashboard Cite

show abstract

“…For this purpose, SUNFISH has developed FaaS, an extended and flexible data-security governance model, which supports a variety of scenarios. FaaS relies on classical eXtensible Access Control Markup Language (XACML) [7] based approaches, which are already widely used today to enforce data-access control [1] [4].…”

Section: A Sunfish: Secure Cloud Federationsmentioning

confidence: 99%

“…Overcoming this challenge has been the goal of the European Union (EU) funded research project SUNFISH 1 . SUNFSIH has introduced the concept of Federation as a Service (FaaS).…”

Section: Introductionmentioning

confidence: 99%

Best of two worlds: Secure cloud federations meet eIDAS

Zefferer¹,

Ziegler

Reiter

2017

2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)

View full text Add to dashboard Cite

The federation of information technology (IT) systems is a common approach to bundle capabilities and get the best results for all participants. Cloud computing and electronic identity (eID) are only two out of many domains, for which federated solutions have been a topic of scientific and corporate interest during the past years. Recently, the H2020 project SUNFISH has introduced a new cloud-federation approach called 'Federation as a Service' (FaaS). FaaS enables secure cloud federations, where data owners remain in full control of their data and workflows. In this paper, we identify shortcomings of the FaaS approach in terms of secure and reliable user authentication. In this sense, data security and protection mechanisms are only as good as the applied authentication measures. We solve this issue by proposing the integration of an existing pan-European federation of national eID systems into FaaS. This increases security guarantees of FaaS by using a trustworthy and liable eID solution that has a strong legal basis in the form of the EU eIDAS Regulation. A first successful implementation and deployment of the proposed solution demonstrates its feasibility and shows the great potential of combining federation solutions from the cloud domain and the eID domain.

show abstract

Validation of Access Control Systems

Cited by 2 publications

References 25 publications

A Federation of Federations: Secure Cloud Federations meet European Identity Federations

A Federation of Federations: Secure Cloud Federations meet European Identity Federations

Best of two worlds: Secure cloud federations meet eIDAS

Contact Info

Product

Resources

About