Αξιολόγηση των γλωσσών αποτύπωσης πολιτικών ασφάλειας (γλώσσα XACML) και υλοποίηση μιας πρότυπης πολιτικής ασφάλειας
Καφρίτσα, Μαρία Ι.
SubjectComputer systems -- Management ; Computer systems -- Access control ; Computer security ; Data protection
The subject of the present diploma thesis is the study and evaluation of XACML policy language. Furthermore, XACML is being utilized for expressing the security policy that regulates the access control function for users of an eHealthcare Information System. The thesis is structured as follows. Chapter 1 provides an introduction to the field of access control and to OASIS standard, extensible Access Control Markup Language (XACML) V3.0. Also, Attribute Based Access Control (ABAC) model is being depicted as a supported mechanism by XACML. Chapter 2 describes the basic components that are being included in a Healthcare Information System, that is the different kind of users and the type of resources encountered. WSO2 Identity Server is also presented in this chapter, since it is the development environment for the security policy.