Performance Assessment of XACML Authorizations for Supply Chain Traceability Web Services
•
0 j'aime•405 vues
Recommandé
Recommandé
Contenu connexe
Similaire à Performance Assessment of XACML Authorizations for Supply Chain Traceability Web Services
Similaire à Performance Assessment of XACML Authorizations for Supply Chain Traceability Web Services (20)
Plus de Miguel Pardal
Plus de Miguel Pardal (20)
Dernier
Dernier (20)
Performance Assessment of XACML Authorizations for Supply Chain Traceability Web Services
- 1. Performance Assessment of XACML Authorizations for Supply Chain Traceability Web Services Miguel Pardal, Mark Harrison, Sanjay Sarma, José Alves Marques Técnico Lisboa, University of Cambridge, Massachusetts Institute of Technology Miguel Pardal, Performance Assessment of XACML Authorizations Slide 1
- 2. Traceability systems assessment framework http://trakchain.net Miguel Pardal, Performance Assessment of XACML Authorizations Slide 2
- 3. Each individual item takes a unique path... The data sharing policy must also be unique! Miguel Pardal, Performance Assessment of XACML Authorizations Slide 3
- 4. Traceability data security Miguel Pardal, Performance Assessment of XACML Authorizations Slide 4
- 5. Data access control Miguel Pardal, Performance Assessment of XACML Authorizations Slide 5
- 6. SCAz – Supply Chain Authorization Language • To express data sharing policies using - EAC - Access control lists - CCT – Chain of Communication Tokens - CTA – Chain of Trust Assertions Miguel Pardal, Performance Assessment of XACML Authorizations Slide 6
- 7. Data sharing policy in RDF format :company0 a cta:Organization . :company1 a cta:Organization . :item0 a cta:Identifier . :record0 a cta:Record . :policy0 a cta:Policy . :company0 cta:publishes :record0 . :record0 cta:about :item0 . :company0 cta:creates :policy0 . :policy0 cta:protects :item0 . :policy0 cta:grantsRead :company0 . :policy0 cta:grantsRead :company1 . Miguel Pardal, Performance Assessment of XACML Authorizations Slide 7
- 8. Data sharing policy in RDF format Miguel Pardal, Performance Assessment of XACML Authorizations Slide 8
- 9. Externalized security • Authentication - SAML • Message level (cryptographic) protection - TLS - WS-Security • Authorization - XACML Miguel Pardal, Performance Assessment of XACML Authorizations Slide 9
- 10. eXtensible Access Control Markup Language Miguel Pardal, Performance Assessment of XACML Authorizations Slide 10
- 11. XACML request processing Miguel Pardal, Performance Assessment of XACML Authorizations Slide 11
- 12. Performance assessment tool Miguel Pardal, Performance Assessment of XACML Authorizations Slide 12
- 13. Raw evaluation time with increasing number of policies Miguel Pardal, Performance Assessment of XACML Authorizations Slide 13
- 14. XACML evaluation time with increasing number of policies Miguel Pardal, Performance Assessment of XACML Authorizations Slide 14
- 15. Raw versus XACML overheads Miguel Pardal, Performance Assessment of XACML Authorizations Slide 15
- 16. Contributions • Data sharing policies - XACML translation - Correctness check - Performance assessment • Chain-of-Trust implementation - Using Semantic Web Technologies - More expressive • Future work - Pharma pedigree & recall case study - Take advantage of added expressivity • Reciprocal trust • Downstream trust •… Miguel Pardal, Performance Assessment of XACML Authorizations Slide 16
- 17. Obrigado! Visit http://trakchain.net Miguel Pardal, Performance Assessment of XACML Authorizations Slide 17