Wolfgang Dobmeier

Learn More
In highly open systems like the Internet, attribute-based access control (ABAC) has proven its appropriateness. The specification and maintenance of ABAC policies however has turned out to be complex and error-prone, especially if heterogeneous attribute schemes are involved. Here, the arising semantic Web can contribute to a solution. This paper presents(More)
In highly open systems like the Internet, attributebased access control (ABAC) has proven its appropriateness. This is reflected in the utilization of ABAC in authentication and authorization infrastructures (AAIs). However, specification and maintenance of ABAC policies has turned out to be complex and error-prone even in federations of limited size,(More)
Moderne Anwendungen aus dem Bereich des e-Commerce, sowie Enterpriseund e-Government-Portale bringen aufgrund der Vielzahl höchst heterogener Benutzer und der Diversität der Informationsressourcen die Notwendigkeit für flexible Autorisierungsund Zugriffskontrollverfahren mit sich. Für den Zugriff auf derartige Anwendungen ist sicherzustellen, dass Benutzer(More)
Web-based systems like enterprise and e-government portals pose special requirements to information security. Today’s portal platforms provide some security functionality, mainly targeting at supporting a single-sign-on for the underlying applications. We argue that singlesign-on is not sufficient, but rather a mature security service is needed as a central(More)
To control the unauthorized access to the resources and services is an emerging security issue in Semantic Web (SW). There are various existing access control models such as Role base, Attribute base, Credential base, Concept level access control models. They all have some strengths and weaknesses with them. In this paper we first take an overview of(More)
Privacy issues have hindered centralised authentication approaches from being adopted by a wide range of users. This also applies to authorizations which suffer from privacy problems when stored and processed centrally. We present first steps towards a framework of privacy-aware handling of authorizations. We split up the storage and the processing of(More)
  • 1