Posts Tagged ‘Security’

Just for indexing purposes.
Policies, models and mechanisms:

“Access Control: Policies, Models, and Mechanisms”
“Access Control Policies and Mechanisms”

Role Based Access Control

RBAC at NIST

What are claims?

The use of classical identity-based access control models, in which authorization decisions are based on the requestor's unique identifier, is not adequate for large-scale decentralized systems, such as the World-Wide Web. Several aspects contribute to this inadequacy, namely:

Access control policy - When an access request crosses security domains, the identifier of the requestor on [...]

Just a couple of concluding remarks on this series of posts.
1. Claims checking
The scenario presented in the previous posts contains a subtle flaw: the claims are being requested but not being checked by the service. Even in the first version, where the claim requirements are configured in the service’s binding, the presence of these claims [...]

This is the fifth in a series of posts [part1, part2, part3, part4] where I describe some issues regarding the usage of claims requirements on the WCF platform.
In the last post, I described how to build a service that relies on the BizTalk Identity Services for the authorization decisions, and also how to build a [...]

This is the fourth in a series of posts [part1, part2, part3] where I describe some issues regarding the usage of claims requirements on the WCF platform.
In the previous two posts, I presented some information regarding the BizTalk Identity Services STS.
In this post I will show how to build a minimalistic WCF service that relies on [...]

This is the third in a series of posts [first, second] where I describe some issues regarding the definition and usage of claim requirements on the WCF platform.
In the last post, I introduced the BizTalk Identity Services as an example of a publicly available STS. In this post I will describe some aspects of the [...]

This is the second post of a series where I describe some issues regarding the definition and usage of claim requirements on the Windows Communication Foundation (WCF) platform. In the first post, I introduced the concept of claim requirements, and how to express them in WS-Policy and WCF. In this post I begin to introduce [...]

This is the first post of a series where I describe some issues regarding the definition and usage of claim requirements on the Windows Communication Foundation (WCF) platform.
Introduction
The constraints and requirements of a WCF service can be expressed by a policy, defined according to the WS-Policy spec framework. Typically, this policy is automatically generated from [...]
