A Semantic Approach for context-aware Authorization in Enterprise Systems

Thesis is delivered
The thesis was delivered in December 2013 and can be downloaded here: [[Media:201312Semantic_Approach_for_Authorization_Enterprise_Systems_Folkeseth.pdf]]

= Driving Questions =
 * Provide an overview on security policies
 * What are their advantages/limitations?
 * Provide examples on implementations


 * Provide an overview on various authentication schemes, including role-based and attribute-based authentication


 * Establish a model for the cost/benefit analysis of authentication schemes
 * Evaluate implementations/practices against this model
 * Time/resource saver?


 * Extend the model taken into considerations
 * Third-party access control schemes
 * Password recycling
 * Password reset self-service
 * Policies


 * Perform a study on SSO extensions to include advanced authentication schemes such as RBAC and ABAC
 * Single sign-on?
 * Duration
 * Common practice


 * Apply the model for SSO-based systems with RBAC/ABAC
 * Different practices for different purposes?

Scientific papers
Semantic web

Mushfiq Ph.d

Mushfiq publication #1 2010

Claim based authentication

ederated Claims Based Authentication and Access Control in the Vehicular Networks, 2011

Single Sign-on

Single Sign-On Architectures, 2002

Role Based Access Control

An Approach to Access Control under Uncertainty, 2011

Attribute-based access control

Towards Semantic-Enhanced Attribute-Based Access Control for Cloud Services, UNIK, June 2012

Papers for UNIK4710

A Semantic Model For Authentication Protocols, 1993

Towards a Precise Semantics for Authenticity and Trust, 2006

The Semantic Web, 2001

A semantic based access control model, 2006

Authorization and privacy for semantic Web services, 2004

Semantic Authorization of Mobile Web Services, 2006

Keywords

 * PGP (Pretty Good Privacy)
 * Public-key cryptography