SecPAL
SecPAL is a declarative, logic-based security policy language that has been developed to support the complex access control requirements of large-scale distributed computing environments.

Common Access Control Requirements

Here is a partial list of some of the challenges that SecPAL addresses:
  • How does an organization establish a fine-grained trust relationship with another organization across organizational boundaries?
  • How does a user delegate a subset of their rights (constrained delegation) to another user residing either in the same organization or in a different organization?
  • How can access control policy be authored and reviewed in a manner that is human readable, allowing auditors and non-technical people to understand such policies?
  • How does an organization support compliance regulations requiring that a system be able to demonstrate exactly why it was that a user was granted access to a resource?
  • How can policies be authored, composed and evaluated in a manner that is efficient, deterministic and tractable?

Additional Research

  • IEEE Grid 2007 - Fine Grained Access Control Using SecPAL - http://www.cs.virginia.edu/~humphrey/papers/GridFTP_SecPAL_2007.pdf

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
 