Abstract

This paper presents a PCIM-based framework for storing and enforcing RBAC (role based access control) policies in distributed heterogeneous systems. PCIM (policy core information model) is a generic information model proposed by IETF. This paper proposes a PCIM extension, called RBPIM (role-based policy information model), in order to represent network access policies based on the RBAC model. An RBPlM implementation framework based on the POP/PEP (policy decision point/policy enforcement point) approach is also presented. In the proposed framework, the communication between the PDP and the PEPs is implemented using the COPS (common open policy service) protocol, also defined by the IETF. The framework adopts the outsourcing approach, where the policy rules are evaluated by the PDP, as defined by the COPS standard. This paper evaluates the outsourcing model for access control by presenting a case study and the average response time of PDP under different load conditions.

Full Text

Published Version

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.