Skip to main content

RBAC Policies in XML for X.509 Based Privilege Management

Chadwick, D.W. and Otenko, A. (2002) RBAC Policies in XML for X.509 Based Privilege Management. In: Ghonaimy, Adeeb and El-Hadidi, Mahmoud T. and Aslan, Heba Kamal, eds. Security in the Information Society: Visions and Perspectives. IFIP Advances in Information and Communication Technology . Springer, Boston, Massachusetts, USA, pp. 39-54. ISBN 978-1-4757-1026-7. E-ISBN 978-0-387-35586-3. (doi:10.1007/978-0-387-35586-3_3)


This paper describes a role based access control policy template for use by privilege management infrastructures where the roles are stored as X.509 Attribute Certificates in an LDAP directory. There is a brief description of the X.509 privilege management model, and how it can be used to implement RBAC. Policies that conform to the template are written in XML, and the template is specified as a DTD. (A future version will specify it as an XML schema). The policy is designed to be used by the PERMIS API, a Java specification for an Access Control Decision Function based on the ISO 10181 Access Control Framework and the Open Group’s AZN API.

Item Type: Book section
DOI/Identification number: 10.1007/978-0-387-35586-3_3
Uncontrolled keywords: X.509; Attribute Certificates; RBAC; LDAP; Role Based Access Controls; Policy Based Access Controls; XML; DTD
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Faculties > Sciences > School of Computing > Security Group
Depositing User: Mark Wheadon
Date Deposited: 24 Nov 2008 18:00 UTC
Last Modified: 23 Jan 2020 04:02 UTC
Resource URI: (The current URI for this page, for reference purposes)
Chadwick, D.W.:
  • Depositors only (login required):


Downloads per month over past year