Kent Academic Repository

RBAC Policies in XML for X.509 Based Privilege Management

Chadwick, D.W. and Otenko, A. (2002) RBAC Policies in XML for X.509 Based Privilege Management. In: Ghonaimy, Adeeb and El-Hadidi, Mahmoud T. and Aslan, Heba Kamal, eds. Security in the Information Society: Visions and Perspectives. IFIP Advances in Information and Communication Technology. Springer, Boston, Massachusetts, USA, pp. 39-54. ISBN 978-1-4757-1026-7. E-ISBN 978-0-387-35586-3. (doi:10.1007/978-0-387-35586-3_3) (KAR id:13791)


This paper describes a role based access control policy template for use by privilege management infrastructures where the roles are stored as X.509 Attribute Certificates in an LDAP directory. There is a brief description of the X.509 privilege management model, and how it can be used to implement RBAC. Policies that conform to the template are written in XML, and the template is specified as a DTD. (A future version will specify it as an XML schema.) The policy is designed to be used by the PERMIS API, a Java specification for an Access Control Decision Function based on the ISO 10181 Access Control Framework and the Open Group’s AZN API.

Item Type: Book section
DOI/Identification number: 10.1007/978-0-387-35586-3_3
Uncontrolled keywords: X.509; Attribute Certificates; RBAC; LDAP; Role Based Access Controls; Policy Based Access Controls; XML; DTD
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Mark Wheadon
Date Deposited: 24 Nov 2008 18:00 UTC
Last Modified: 16 Nov 2021 09:51 UTC