Role-based privilege and trust management

Authors: Dongwan Shin, Gail Joon Ahn

Keywords: Interoperability; Trust management (information system); Privilege Management Infrastructure; Privilege (computing); Role-based access control; Computer science; Competitive advantage; Information sharing; The Internet; Computer security

Abstract: The Internet provides tremendous connectivity and information sharing capability which organizations can use for their competitive advantage. However, we still observe security challenges in Internet-based applications, especially terms of limited support controlled access to organizational resources unknown users. Roles be a convenient construct expressing entitled privileges trust degree alike, based upon further specification responsibility is made so as facilitate trust-based authorization such an environment. In this article, design role-based privilege management by leveraging model infrastructure, attempt develop easy-to-use, flexible, interoperable mechanism Also, demonstrate the feasibility our providing proof-of-concept prototype implementation using commercial off-the-shelf technologies.

References (20)
Sangrae Cho, Dongwan Shin, Gail-Joon Ahn. Role-Based EAM Using X.509 Attribute Certificate. (2003)
Ninghui Li, William H. Winsborough, John C. Mitchell. Distributed credential chain discovery in trust management. Journal of Computer Security, vol. 11, pp. 35-86 (2003). 10.3233/JCS-2003-11102
Abdelilah Essiari, William Johnston, Gary Hoo, Keith Jackson, Mary Thompson, Srilekha Mudumbai. Certificate-based access control for widely distributed resources. USENIX Security Symposium, pp. 17-17 (1999)
Ronald L. Rivest, Butler Lampson. SDSI - A Simple Distributed Security Infrastructure. (1996)
A. Keromytis, M. Blaze, J. Feigenbaum, J. Ioannidis. The KeyNote Trust-Management System Version 2. RFC, vol. 2704, pp. 1-37 (1999)
S. Farrell, R. Housley. An Internet Attribute Certificate Profile for Authorization. RFC, vol. 3281, pp. 1-40 (2002)
Martín Abadi, Michael Burrows, Butler Lampson, Gordon Plotkin. A calculus for access control in distributed systems. ACM Transactions on Programming Languages and Systems, vol. 15, pp. 706-734 (1993). 10.1145/155183.155225
Gail-Joon Ahn, Ravi Sandhu. Role-based authorization constraints specification. ACM Transactions on Information and System Security, vol. 3, pp. 207-226 (2000). 10.1145/382912.382913
Trent Jaeger. On the increasing importance of constraints. Proceedings of the fourth ACM workshop on Role-based access control, pp. 33-42 (1999). 10.1145/319171.319175
John Linn, Magnus Nyström. Attribute certification: an enabling technology for delegation and role-based controls in distributed environments. Proceedings of the fourth ACM workshop on Role-based access control, pp. 121-130 (1999). 10.1145/319171.319183