Год выпуска: 2010 Автор: Filip Hofer Издательство: LAP Lambert Academic Publishing Страниц: 96 ISBN: 9783843363457
Описание
Computing platforms – such as Windows operating systems – traditionally support authorization to protect accesses to well-defined persistent objects, e.g., files. Operating system authorization is usually based on the model of Discretionary Access Control (DAC) and is realized via Access Control Lists (ACLs). These mechanisms do not satisfy the needs of applications that process resources at higher levels of abstraction than the operating system. Therefore, Microsoft introduced a new authorization framework – Authorization Manager (AzMan) – which is built on the Role-Based Access Control (RBAC) model. This book presents experiences with AzMan and investigates possible relations to other technologies, such as XACML and PCIM. The comparison focuses on AzMan versus XACML and leads to proposing integrated solutions to overcome identified deficiencies of AzMan. Prototype implementations are described and the usage of the technologies is demonstrated. Results are used to assess the...
