Performance Assessment of XACML Authorizations    for Supply Chain Traceability Web Services     Miguel Pardal, Mark Harri...
Traceability systems assessment framework                                            http://trakchain.net     Miguel Parda...
Each individual item takes a unique path...The data sharing policy must also be unique!        Miguel Pardal, Performance ...
Traceability data securityMiguel Pardal, Performance Assessment of XACML Authorizations   Slide 4
Data access controlMiguel Pardal, Performance Assessment of XACML Authorizations   Slide 5
SCAz – Supply Chain Authorization Language   • To express data sharing policies using     - EAC - Access control lists    ...
Data sharing policy in RDF format         :company0 a cta:Organization .         :company1 a cta:Organization .         :i...
Data sharing policy in RDF format Miguel Pardal, Performance Assessment of XACML Authorizations   Slide 8
Externalized security• Authentication - SAML• Message level (cryptographic) protection - TLS - WS-Security• Authorization ...
eXtensible Access Control Markup Language   Miguel Pardal, Performance Assessment of XACML Authorizations   Slide 10
XACML request processingMiguel Pardal, Performance Assessment of XACML Authorizations   Slide 11
Performance assessment toolMiguel Pardal, Performance Assessment of XACML Authorizations   Slide 12
Raw evaluation time with increasing number of policies   Miguel Pardal, Performance Assessment of XACML Authorizations   S...
XACML evaluation time with increasing number of policies     Miguel Pardal, Performance Assessment of XACML Authorizations...
Raw versus XACML overheadsMiguel Pardal, Performance Assessment of XACML Authorizations   Slide 15
Contributions      • Data sharing policies           - XACML translation           - Correctness check           - Perform...
Obrigado!                      Visit http://trakchain.net    Miguel Pardal, Performance Assessment of XACML Authorizations...
Upcoming SlideShare
Loading in...5
×

Performance Assessment of XACML Authorizations for Supply Chain Traceability Web Services

216
-1

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
216
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Performance Assessment of XACML Authorizations for Supply Chain Traceability Web Services

  1. 1. Performance Assessment of XACML Authorizations for Supply Chain Traceability Web Services Miguel Pardal, Mark Harrison, Sanjay Sarma, José Alves Marques Técnico Lisboa, University of Cambridge, Massachusetts Institute of Technology Miguel Pardal, Performance Assessment of XACML Authorizations Slide 1
  2. 2. Traceability systems assessment framework http://trakchain.net Miguel Pardal, Performance Assessment of XACML Authorizations Slide 2
  3. 3. Each individual item takes a unique path...The data sharing policy must also be unique! Miguel Pardal, Performance Assessment of XACML Authorizations Slide 3
  4. 4. Traceability data securityMiguel Pardal, Performance Assessment of XACML Authorizations Slide 4
  5. 5. Data access controlMiguel Pardal, Performance Assessment of XACML Authorizations Slide 5
  6. 6. SCAz – Supply Chain Authorization Language • To express data sharing policies using - EAC - Access control lists - CCT – Chain of Communication Tokens - CTA – Chain of Trust Assertions Miguel Pardal, Performance Assessment of XACML Authorizations Slide 6
  7. 7. Data sharing policy in RDF format :company0 a cta:Organization . :company1 a cta:Organization . :item0 a cta:Identifier . :record0 a cta:Record . :policy0 a cta:Policy . :company0 cta:publishes :record0 . :record0 cta:about :item0 . :company0 cta:creates :policy0 . :policy0 cta:protects :item0 . :policy0 cta:grantsRead :company0 . :policy0 cta:grantsRead :company1 . Miguel Pardal, Performance Assessment of XACML Authorizations Slide 7
  8. 8. Data sharing policy in RDF format Miguel Pardal, Performance Assessment of XACML Authorizations Slide 8
  9. 9. Externalized security• Authentication - SAML• Message level (cryptographic) protection - TLS - WS-Security• Authorization - XACML Miguel Pardal, Performance Assessment of XACML Authorizations Slide 9
  10. 10. eXtensible Access Control Markup Language Miguel Pardal, Performance Assessment of XACML Authorizations Slide 10
  11. 11. XACML request processingMiguel Pardal, Performance Assessment of XACML Authorizations Slide 11
  12. 12. Performance assessment toolMiguel Pardal, Performance Assessment of XACML Authorizations Slide 12
  13. 13. Raw evaluation time with increasing number of policies Miguel Pardal, Performance Assessment of XACML Authorizations Slide 13
  14. 14. XACML evaluation time with increasing number of policies Miguel Pardal, Performance Assessment of XACML Authorizations Slide 14
  15. 15. Raw versus XACML overheadsMiguel Pardal, Performance Assessment of XACML Authorizations Slide 15
  16. 16. Contributions • Data sharing policies - XACML translation - Correctness check - Performance assessment • Chain-of-Trust implementation - Using Semantic Web Technologies - More expressive • Future work - Pharma pedigree & recall case study - Take advantage of added expressivity • Reciprocal trust • Downstream trust •…Miguel Pardal, Performance Assessment of XACML Authorizations Slide 16
  17. 17. Obrigado! Visit http://trakchain.net Miguel Pardal, Performance Assessment of XACML Authorizations Slide 17
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×