Conference Paper

Access Control for Smart Manufacturing Systems

Authors:
To read the full-text of this research, you can request a copy directly from the authors.

Abstract

In the ongoing 4th industrial revolution, a new paradigm of modular and flexible manufacturing factories powered by IoT devices, cloud computing, big data analytics and artificial intelligence is emerging. It promises increased cost efficiency, reduced time-to-market and extreme customization. However, there is a risk that technical assets within such systems will be targeted by cybersecurity attacks. A compromised device in a smart manufacturing system could cause a significant damage, not only economically for the factory owner, but also physically on humans, machinery and the environment. Strict and granular Access Control is one of the main protective mechanisms against compromised devices in any system. In this paper we discuss the requirements and implications of Access Control within the context of Smart Manufacturing. The contributions of this paper are twofold: first we derive requirements on an Access Control Model in the context of smart manufacturing, and then asses the Attribute Based Access Control model against these requirements in the context of a use case scenario.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

... While advancements in AI, smart sensor systems, and cloud technologies are driving innovation in the manufacturing sector, the integration of IIoT, cloud databases, industrial robots, and wireless networks have made smart manufacturing systems more vulnerable to cyber-attacks [Wu et al., 2018]. A compromised device, machine, robot, or computer system within a smart manufacturing system can lead to significant economic losses, environmental damage, and unsafe working conditions resulting in bodily injuries or even deaths [Leander et al., 2020]. Therefore, cybersecurity has become a primary technology of smart manufacturing systems. ...
... Cybersecurity technologies help to prevent or mitigate the effect of cyber-attacks. Emerging cybersecurity technologies in smart manufacturing include AI for intrusion detection and handling, end-to-end encryption to prevent data being read or secretly modified, machine authentication for authorizing automated Human-to-Machine (H2M) or Machine-to-Machine (M2M) communication, rule-based access control for restricting system access to only authorized users, and blockchain for security and traceability of sensitive manufacturing information [Wu et al., 2018;Leander et al., 2020]. ...
Chapter
Full-text available
Smart Manufacturing, Industry 4.0, and Digital Transformation are reshaping the manufacturing sector on a global scale. These initiatives are predominantly technology-driven and enabled, and supported by the so-called "smart technologies". In this book chapter, we take on a sustainability perspective to understand the impact of smart manufacturing technologies on the Triple Bottom Line (TBL). First, we derive and identify ten smart manufacturing technology clusters from recent literature. Second, we discuss each with a focus on the three TBL dimensions, namely: economic, environmental, and social bottom lines. Third, we discuss the challenges and barriers that hinder the widespread adoption of the identified technology clusters. We conclude the chapter with a bold outlook on the future development of and the many opportunities offered by smart manufacturing technologies with regards to sustainable manufacturing operations.
... Policy models for industrial control systems are discussed in a few published articles, e.g., by Leander et al. [17], in relation to smart manufacturing and Bhatt et al. [18] related to the emerging Secure Smart Communities. ...
Conference Paper
Industrial systems have traditionally been kept isolated from external networks. However, business benefits are pushing for a convergence between the industrial systems and new information technology environments such as cloud computing, as well as higher level of connectivity between different systems. This makes cybersecurity a growing concern for industrial systems. In strengthening security, access control is a fundamental mechanisms for providing security in these systems. However, access control is relatively immature in traditional industrial systems, as compared to modern IT systems, and organizations' adherence to an established cybersecurity standard or guideline can be a deciding factor for choices of access control techniques used. This paper presents the results of a questionnaire study on the usage of access control within industrial system that are being developed, serviced or operated by Swedish organizations, contrasted to their usage of cybersecurity standards and guidelines. To be precise, the article focuses on two fundamental requirements of cybersecurity: identification and authentication control, and presents related findings based on a survey of the Swedish industry. The goal of the study is breaching the gap between the current state and the requirements of emerging systems with regards to access control.
... Due to the massive connectivity of devices in IIoT and the data collection/sharing capability, there is a need for hierarchical access control in industrial environments. Research has shown that traditional access control methods are not enough for IIoT networks [110], which is the same for the conventional IoT environments. While different architectures have been proposed for IoT, no generic architecture can be referenced as a standard model where an access control model can be employed uniquely. ...
Article
Full-text available
Internet of Things (IoT) applications and services are becoming more prevalent in our everyday life. However, such an interconnected network of intelligent physical entities needs appropriate security to sensitive information. That said, the need for proper authentication and authorization is paramount. Access control is in the front line of such mechanisms. Access control determines the use of resources only to the specified and authorized users based on appropriate policy enforcement. IoT demands more sophisticated access control in terms of its usability and efficiency in protecting sensitive information. This conveys the need for access control to serve system-specific requirements and be flexibly combined with other access control approaches. In this paper, we discuss the potential for employing protocol-based and hybrid access control for IoT systems and examine how that can overcome the limitations of traditional access control mechanisms. We also focus on the key benefits and constraints of this integration. Our work further enhances the need to build hierarchical access control for large-scale IoT systems (e.g., Industrial IoT (IIoT) settings) with protocol-based and hybrid access control approaches. We, moreover, list the associated open issues to make such approaches efficient for access control in large-scale IoT systems.
... In a previous study [37], requirements on access control models for use in Smart Manufacturing systems are presented and discussed. One of the main issues raised is the management effort required to uphold a policy framework following the principle of least privilege in dynamic manufacturing systems. ...
Article
Full-text available
Industrial control systems control and supervise our most important and critical infrastructures, such as power utilities, clean water plants and nuclear plants, as well as the manufacturing industries at the base of our economy. These systems are currently undergoing a transformation driven by the Industry 4.0 evolution, characterized by increased connectivity and flexibility. Consequently, the cybersecurity threat landscape for industrial control systems is evolving as well. Current strategies used for access control within industrial control systems are relatively rudimentary. It is evident that some of the emerging cybersecurity threats related to Industry 4.0 could be better mitigated using more fine-grained access control policies. In this article we discuss a number of access control strategies that might be used within manufacturing systems. Moreover, we evaluate the strategies in a number of attack-scenarios, and outline a method for automatic policy-generation based on engineering-data, aligned with one of these strategies.
Chapter
Full-text available
The Industrial Internet of Things (IIoT) is an ecosystem that consists of -- among others -- various networked sensors and actuators, achieving mainly advancements related with lowering production costs and providing workflow flexibility. Introducing access control in such environments is considered to be challenging, mainly due to the variety of technologies and protocols in IIoT devices and networks. Thus, various access control models and mechanisms should be examined, as well as the additional access control requirements posed by these industrial environments. To achieve these aims, we elaborate on existing state-of-the-art access control models and architectures and investigate access control requirements in IIoT, respectively. These steps provide valuable indications on what type of an access control model and architecture may be beneficial for application in the IIoT. We describe an access control architecture capable of achieving access control in IIoT using a layered approach and based on existing virtualization concepts (e.g., the cloud). Furthermore, we provide information on the functionality of the individual access control related components, as well as where these should be placed in the overall architecture. Considering this research area to be challenging, we finally discuss open issues and anticipate these directions to provide interesting multi-disciplinary insights in both industry and academia.
Article
Full-text available
A revolution in manufacturing systems is underway: substantial recent investment has been directed towards the development of smart manufacturing systems that are able to respond in real time to changes in customer demands, as well as the conditions in the supply chain and in the factory itself. Smart manufacturing is a key component of the broader thrust towards Industry 4.0, and relies on the creation of a bridge between digital and physical environments through Internet of Things (IoT) technologies, coupled with enhancements to those digital environments through greater use of cloud systems, data analytics and machine learning. Whilst these individual technologies have been in development for some time, their integration with industrial systems leads to new challenges as well as potential benefits. In this paper, we explore the challenges faced by those wishing to secure smart manufacturing systems. Lessons from history suggest that where an attempt has been made to retrofit security on systems for which the primary driver was the development of functionality, there are inevitable and costly breaches. Indeed, today's manufacturing systems have started to experience this over the past few years; however, the integration of complex smart manufacturing technologies massively increases the scope for attack from adversaries aiming at industrial espionage and sabotage. The potential outcome of these attacks ranges from economic damage and lost production, through injury and loss of life, to catastrophic nation-wide effects. In this paper, we discuss the security of existing industrial and manufacturing systems, existing vulnerabilities, potential future cyber-attacks, the weaknesses of existing measures, the levels of awareness and preparedness for future security challenges, and why security must play a key role underpinning the development of future smart manufacturing systems.
Article
Full-text available
The identification of loose manufacturing utilities (e.g. tools, fixtures) and their current condition are essential for machining operations. In this paper a Service Oriented Architecture (SOA) is described, which is applied on manufacturing utilities equipped with sensors and actuators. The suggested SOA not only facilitates interoperability but also can expose semantic data models using OPC UA. Moreover, locally computed information about the utility can be subscribed by relevant communication partners e.g. the CNC. To demonstrate possible applications, a show case tombstone was developed which exposes its state and formal description as well as its current thermal deformation.
Article
Full-text available
The holistic use of Cyber-Physical-Production-Systems (CPPS) requires a new communication architecture, the classic automation pyramid hinders the service-orientation of this methodology. The different functionalities of the layers of the pyramid still have their authorization, while the communication needs a model, where all participants in a production deliver or consume information handled by services. In the Learning Factory of the Bochum University of Applied Sciences a research scenario is set up to investigate the CPPS-oriented communication in a production line between distributed PLCs, MES, ERP, Energy Monitoring and Cloud-Services. The developed communication architecture uses standards as OPC-UA to realize this service-orientation.
Article
Full-text available
Future manufacturing is becoming “smart” - capable of agilely adapting to a wide variety of changing conditions. This requires production plants, supply chains and logistic systems to be flexible in design and reconfigurable “on the fly” to respond quickly to customer needs, production uncertainties, and market changes. Service-Oriented Architecture (SOA) provides a promising platform to achieve such manufacturing agility. It has proven effective for business process adaptation. When combined with the emerging Internet of Things (IoT) technology and the concept of cyber-physical production systems, it is expected to similarly revolutionize real-time manufacturing systems. This paper proposes a new concept of cyber-physical manufacturing services (CPMS) for service-oriented smart manufacturing systems. In addition, we propose a modeling framework that provides appropriate conceptual models for developing and describing CPMS and enabling their composition. Specifically, the modeling framework separates service provision models from service request models and proposes the use of standardized functional taxonomies and a reference ontology to facilitate the mediation between service requests and service consumptions. A 3D-printing use case serves as an example implementation of an SOA-based smart manufacturing system based on our proposed modeling framework.
Article
Full-text available
**** '2017 IJAT Best Review Paper Award' for the most prominent review paper in recent years published in the International Journal of Automation Technology (IJAT). **** A fourth industrial revolution is occurring in global manufacturing. It is based on the introduction of Internet of things and servitization concepts into manufacturing companies, leading to vertically and horizontally integrated production systems. The resulting smart factories are able to fulfill dynamic customer demands with high variability in small lot sizes while integrating human ingenuity and automation. To support the manufacturing industry in this conversion process and enhance global competitiveness, policy makers in several countries have established research and technology transfer schemes. Most prominently, Germany has enacted its Industrie 4.0 program , which is increasingly affecting European policy, while the United States focuses on smart manufacturing. Other industrial nations have established their own programs on smart manufacturing, notably Japan and Korea. This shows that manufacturing intelligence has become a crucial topic for researchers and industries worldwide. The main object of these activities are the so-called cyber-physical systems (CPS): physical entities (e.g., machines, vehicles, and work pieces), which are equipped with technologies such as RFIDs, sensors, microprocessors, telematics or complete embedded systems. They are characterized by being able to collect data of themselves and their environment , process and evaluate these data, connect and communicate with other systems, and initiate actions. In addition, CPS enabled new services that can replace traditional business models based solely on product sales. The objective of this paper is to provide an overview of the Industrie 4.0 and smart manufacturing programs, analyze the application potential of CPS starting from product design through production and logistics up to maintenance and exploitation (e.g., recycling), and identify current and future research issues. Besides the technological perspective, the paper also takes into account the economic side considering the new business strategies and models available.
Conference Paper
Full-text available
Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) are very different attribute based access control standards with similar goals and objectives. An objective of both is to provide a standardized way for expressing and enforcing vastly diverse access control policies in support of various types of data services. The two standards differ with respect to the manner in which access control policies and attributes are specified and managed, and decisions are computed and enforced. This paper is presented as a consolidation and refinement of public draft NIST SP 800-178 [21], describing, and comparing these two standards.
Article
The continuous advance in manufacturing and information analytics has improved the connectivity between computational and physical elements within the industry, hence increasing the effectiveness and reliability of Cyber-Physical Systems (CPS). This progress has been further enhanced by Cloud computing technologies, by externalizing services and interconnecting different industrial networks. As a consequence, there has been an increase of cyber-security threats in the industrial sector in recent years. Among other security measures, it is of paramount importance to introduce flexible access control mechanisms to avoid unauthorized access to the heterogeneous systems that coexist in this context. In this paper, we identify the requirements for such techniques, and propose a novel industrial architecture where multiple access control models are assessed when cloud technologies are integrated. In particular, we emphasize their adaptability to new heterogeneous scenarios through diverse indicators, achieving a trade-off between security and efficiency.
Article
The modularization of process plants is regarded as a promising approach to cope with upcoming requirements in the process industry regarding flexibility. Within the DIMA project (“Decentralized Intelligence for Modular Assets”), a concept has been developed to overcome current deficiencies in implementing modular plants and especially their automation. On the one hand, the approach considers a clear separation of engineering efforts into a plant independent module engineering and a plant specific integration engineering. On the other hand, the concept provides a method for the fast integration of a module's automation system into a higher-level process control system. To do so, each module provides its process functionality in encapsulated services. The core of the integration method is a file based description of the module including its services, operating screens, and communication variables. The so called “Module Type Package” is currently under standardization by different organizations. This article presents the general approach as well as current results of the standardization efforts. Furthermore, the results are executed on an application demonstrator to allow a practical assessment. Thus, module engineering and integration engineering as well as corresponding software tools can be demonstrated.
Conference Paper
The purpose of this paper is to collect and structure the various features of Smart Manufacturing (SM). Researchers have previously identified various characteristics and technologies of Smart Manufacturing System (SMS); this paper collects, discusses and merges some of those characteristics and technologies available in the current body of knowledge. In the future, it is expected that this selection of characteristics and technologies will help to compare and distinguish other initiatives like Industry 4.0, smart factory, intelligent manufacturing, distributive manufacturing, etc. which are frequently used synonymous with SM. The result of this paper is a comprehensive list of characteristics and technologies that are associated with a SMS. As many of the listed items show variating overlaps, certain technologies and characteristics are merged and clustered. This results in a set of five defining characteristics and ten technologies that are considered relevant for a SMS. The authors hope to provide a basis for a broad and interdisciplinary discussion within the SM community about the defining technologies and characteristics of a SMS.
Chapter
Unfortunately, well-established classic security models for access control are often not sufficient anymore for many of today’s use cases and IT landscapes, including for example Internet of Things (IoT) and big data analytics. Access control (and security/privacy in general) requirements and implementations have frequently become very different, and more challenging, compared to conventional enterprise or internet-facing IT environments. More sophisticated approaches based on fine-grained, contextual, dynamic access control are required. This paper focuses on “Proximity Based Access Control” (PBAC), a particularly advanced access control approach that can implement flexible, proximity-based, dynamic, contextual access. PBAC, together with Attribute Based Access Control (ABAC) and Model Driven Security (MDS) is used to express and enforce such security and privacy requirements. Section 1 motivates the need for advanced access control for many of today’s environments. Section 2 first introduces ABAC, then section 3 discusses PBAC within the context of ABAC. Section 4 introduces MDS. Finally, section 5 presents a detailed Intelligent Transport Systems (ITS) example of PBAC, implemented using MDS and an extension of ABAC).
Article
Today, embedded, mobile, and cyberphysical systems are ubiquitous and used in many applications, from industrial control systems, modern vehicles, to critical infrastructure. Current trends and initiatives, such as "Industrie 4.0" and Internet of Things (IoT), promise innovative business models and novel user experiences through strong connectivity and effective use of next generation of embedded devices. These systems generate, process, and exchange vast amounts of security-critical and privacy-sensitive data, which makes them attractive targets of attacks. Cyberattacks on IoT systems are very critical since they may cause physical damage and even threaten human lives. The complexity of these systems and the potential impact of cyberattacks bring upon new threats. This paper gives an introduction to Industrial IoT systems, the related security and privacy challenges, and an outlook on possible solutions towards a holistic security framework for Industrial IoT systems.
Article
This article begins with an explanation of access control and its relationship to other security services such as authentication, auditing and administration. It then reviews the access matrix model and describes di#erent approaches to implementing the access matrix in practical systems. This is followed by a discussion of access control policies which are commonly found in current systems. Finally,we brie#y consider the administration of access control.
Article
Smart Manufacturing is the dramatically intensified and pervasive application of networked information-based technologies throughout the manufacturing and supply chain enterprise. The defining technical threads are time, synchronization, integrated performance metrics and cyber-physical–workforce requirements. Smart Manufacturing responds and leads to a dramatic and fundamental business transformation to demand-dynamic economics keyed on customers, partners and the public; enterprise performance and variability management; real-time integrated computational materials engineering and rapid qualification, demand-driven supply chain services; and broad-based workforce involvement. IT-enabled Smart factories and supply networks can better respond to national interests and strategic imperatives and can revitalize the industrial sector by facilitating global competitiveness and exports, providing sustainable jobs, radically improving performance, and facilitating manufacturing innovation.
Article
In this paper, we introduce the family of UCONABC models for usage control (UCON), which integrate Authorizations (A), oBligations (B), and Conditions (C). We call these core models because they address the essence of UCON, leaving administration, delegation, and other important but second-order issues for later work. The term usage control is a generalization of access control to cover authorizations, obligations, conditions, continuity (ongoing controls), and mutability. Traditionally, access control has dealt only with authorization decisions on users' access to target resources. Obligations are requirements that have to be fulfilled by obligation subjects for allowing access. Conditions are subject and object independent environmental or system requirements that have to be satisfied for access. In today's highly dynamic, distributed environment, obligations and conditions are also crucial decision factors for richer and finer controls on usage of digital resources. Although they have been discussed occasionally in recent literature, most authors have been motivated from specific target problems and thereby limited in their approaches. The UCONABC model integrates these diverse concepts in a unified framework. Traditional authorization decisions are generally made at the time of requests but hardly recognize ongoing controls for relatively long-lived access or for immediate revocation. Moreover, mutability issues that deal with updates on related subject or object attributes as a consequence of access have not been systematically studied.Unlike other studies that have targeted on specific problems or issues, the UCONABC model seeks to enrich and refine the access control discipline in its definition and scope. UCONABC covers traditional access controls such as mandatory, discretionary, and role-based access control. Digital rights management and other modern access controls are also covered. UCONABC lays the foundation for next generation access controls that are required for today's real-world information and systems security. This paper articulates the core of this new area of UCON and develops several detailed models.
Article
This paper presents the basic concepts which comprise the Purdue Enterprise Reference Architecture along with a description of its development and use. This architecture provides the capability for modelling the human component as well as the manufacturing or customer service component of anyenterprise in addition to the information and control system component. This latter component is the major focus of most reference architectures and models available today for computer integrated manufacturing or complete enterprise study.This paper particularly points out those areas where this architecture differs from others available. In doing this it describes a new and unique method for defining the place of the human in the computer integrated plant or enterprise. It also develops the concept of customer service, which allowed the architecture, which was originally developed for computer integrated manufacturing, to be extended to define the development and operation of any enterprise regardless of the industry or field of endeavor involved.
Conference Paper
The central goal of secure information sharing is to "share but pro- tect" where the motivation to "protect" is to safeguard the sensitive content from unauthorized disclosure (in contrast to protecting the content to avoid loss of revenue as in retail Digital Rights Manage- ment). This elusive goal has been a major driver for information security for over three decades. Recently, the need for secure infor- mation sharing has dramatically increased with the explosion of the Internet and the convergence of outsourcing, offshoring and B2B collaboration in the commercial arena and the real-world demon- stration of the tragic consequences of lack of information sharing in the national security arena. As technology has made the "share" aspect ever easier so has it increased the difficulty of enforcing the "protect" aspect. The central contribution of this paper is to show that the emergence of industrial strength Trusted Comput- ing (TC) technology offers a range of novel solutions to the long- standing problem of secure information sharing. To this end we introduce a new framework of three layered models to analyze re- quirements and develop solutions, and demonstrate the application of this framework in context of TC and secure information shar- ing. The three layers are policy models (topmost), enforcement models (middle), and implementation models (bottom). Hence the name PEI models. At the policy model layer the secure informa- tion sharing space is divided into three categories called password based, device based, and credential based. For each of these policy categories various enforcement and implementation models can be developed. While we believe the PEI framework is relevant to se- curity problems beyond secure information sharing, our goal in this paper is to demonstrate its application in this particular arena and identify questions for future research in this context. An essential benefit of PEI is that the three layers allow us to focus on the more important issues at a higher level of abstraction at the policy and en- forcement layers, while leaving deep detail to the implementation layer. This paper focusses on the policy and enforcement layers with only passing mention of the implementation layer.
Conference Paper
eXtensible Access Control Markup Language (XACML), an OASIS standard, is the most widely used policy specifica- tion language for access control. Its simplicity in syntax and strength in coverage makes it suitable for diverse en- vironments such as Service Oriented Architectures (SOAs) and P2P systems. There are different implementations of XACML available. Some of these implementations are open source and some others are proprietary. In this work we intended to shed some lights to the performance issues of XACML engines. We tested 3 open source XACML implementations with different policy/request settings. Our experiments revealed some important points to be taken into consideration when deploying an XACML based access control system. Besides, our results can be used as hints by policy writers and system developers for deploying efficient authorization services.
Conference Paper
For companies and government agencies alike, the emergence of Web services technologies and the evolution of distributed systems toward service oriented architectures (SOA) have helped promote collaboration and information sharing by breaking down "stove-piped" systems and connecting them via loosely coupled, interoperable system-to-system interfaces. Such architectures, however, also bring about their own security challenges that require due consideration. Unfortunately, the current information security mechanisms are insufficient to address these challenges. In particular, the access control models today are mostly static and coarsely grained; they are not well-suited for the service-oriented environments where information access is dynamic and ad-hoc in nature. This paper outlines the access control challenges for Web services and SOA, and proposes an attribute based access control (ABAC) model as a new approach, which is based on subject, object, and environment attributes and supports both mandatory and discretionary access control needs. The paper describes the ABAC model in terms of its authorization architecture and policy formulation, and makes a detailed comparison between ABAC and traditional role-based models, which clearly shows the advantages of ABAC. The paper then describes how this new model can be applied to securing Web service invocations, with an implementation based on standard protocols and open-source tools. The paper concludes with a summary of the ABAC model's benefits and some future directions.
Article
Access control constrains what a user can do directly, as well as what programs executing on behalf of the users are allowed to do. In this way access control seeks to prevent activity that could lead to a breach of security. This article explains access control and its relationship to other security services such as authentication, auditing, and administration. It then reviews the access matrix model and describes different approaches to implementing the access matrix in practical systems, and follows with a discussion of access control policies commonly found in current systems, and a brief consideration of access control administration.< >
Article
This tutorial paper explores the mechanics of protecting computer-stored information from unauthorized use or modification. It concentrates on those architectural structures-whether hardware or software-that are necessary to support information protection. The paper develops in three main sections. Section I describes desired functions, design principles, and examples of elementary protection and authentication mechanisms. Any reader familiar with computers should find the first section to be reasonably accessible. Section II requires some familiarity with descriptor-based computer architecture. It examines in depth the principles of modern protection architectures and the relation between capability systems and access control list systems, and ends with a brief analysts of protected subsystems and protected objects. The reader who is dismayed by either the prerequisites or the level of detail in the second section may wish to skip to Section III, which reviews the state of the art and current research projects and provides suggestions for further reading.
Smart manufacturing: characteristics and technologies
  • S Mittal
  • MA Khan
  • T Wuest
  • R Harik
  • L Rivest
  • A Bernard
  • B Eynard
  • A Bouras
Evolution of ICS attacks and the prospects for future disruptive events
  • J Slowik
J. Slowik, "Evolution of ICS Attacks and the Prospects for Future Disruptive Events," tech. rep., 2017.
Secure granular interoperability with OPC UA
  • V Watson
  • J Sassmannshausen
  • K Waedt
V. Watson, J. Sassmannshausen, and K. Waedt, "Secure granular interoperability with OPC UA," in INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik -Informatik für Gesellschaft, (Bonn), pp. 309-320, Gesellschaft für Informatik e.V., 2019.
eXtensible Access Control Markup Language (XACML) version 3.0 plus errata 01
  • E Yuan
  • J Tong
E. Yuan and J. Tong, "Attributed Based Access Control for web services," in Proc. of IEEE Int. Conference on Web Services, 2005. 18. "eXtensible Access Control Markup Language (XACML) version 3.0 plus errata 01," standard, OASIS, 2017.