Abstract
This paper analyzes XACML (OASIS eXtensible Access Control Markup Language) with an emphasis on the RBAC (Role Based Access Control) profile of this language. Terms and theoretical concepts related to access control are explained. The definition of access rights through policies was discussed, which would meet the requirements for basic and hierarchical RBAC. A description of the implemented application and a representation of representative parts of the code are given..
References
[1] A. Poniszewska-Maranda, Management of access control in information system based on role concept, 2011.
[2] D. R. K. R. C. David F. Ferraiolo, Role-Based Access Control - Second edition, 2007.
[3] H. Bill Parducci, XACML v3.0 Core and Hierarchical Role Based Access Control RBAC) Profile Version 1.0 Committee Specification 02, 2014.
[4] S. I. T. I. Council, American National Standard for Information Technology – Role Based Access Control, 2004.
[5] The eXtensible Access Control Markup Language (XACML), Version 3.0, OASIS Standard, 2013.
[6] R. C. R. K. a. V. H. David Ferraiolo, Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC), 2016.
[7] S. M. Anne Anderson, Core and Hierarchical Role Based Access Control (RBAC) profile of XACML v2.0, 2005.