Implement role based access control with attribute certificates

6th International Conference on Advanced Communication Technology: Broadband Convergence Network Infrastructure

Volumn 1, Issue , 2004, Pages 536-541

  Zhou, Wei ^a   Meinel, Christoph ^a  

^a UNIVERSITY OF TRIER   (Germany)

Author keywords

Attribute certificates; Authentication; Authorization; Privilege management infrastructure; Public key certificates; Public key infrastructure; Role based access control; X.509; XML

Indexed keywords

INFORMATION ANALYSIS; INFORMATION MANAGEMENT; INFORMATION TECHNOLOGY; PUBLIC POLICY; SERVERS; WORLD WIDE WEB;

AUTHENTICATION; POLICY MANAGEMENT;

COMPUTER SCIENCE;

EID: 2942642687     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (22)

1. R.S. Sandhu, E.J. Coyne, H.L. Feinstem, C.E. Youman, Role based access control models, IEEE Computer, 29 February 1996.
2. David F. Ferraiolo, R.S. Sandhu, Serban Gavrila, D. Richard Kuhn and Ramaswamy Chandramouli, Proposed NIST Standard for Role-Based Access Control, ACM Transactions on Information and Systems Security (TISSEC), Volume 4, Number 3, August 2001.
3. R.S. Sandhu, Bhamidipati and Qamar Munawer The ARBAC97 Model for Role-Based Administration of Roles, ACM Transactions on Information and Systems Security (TISSEC), Volume 2, Number 1, Februrary 1999.
4. J.S. Park, R. Sandhu, G. Ahn, Role-based access control on the web, ACM Transactions on Information and System Security, Volume 4, Number 1, February 2001.
5. D.W. Chadwick, A. Otenko, The PERMIS X.509 role based privilege management infrastructure, Future Generation Computer Systems, Volume 19, Issue 2, February 2003, Pages 277-289.
6. D.W. Chadwick, A. Otenko, RBAC Policies in XML for X.509 Based Privilege Management, to be presented at SEC 2002, Egypt, May 2002.
7. M. Thompson, A. Essiari, S. Mudumbai, Certificate-based Authorization Policy in a PKI Environment, Submitted to a special issue of ACM Transactions on Information and System Security, August 2003.
8. B. Blobel, P. Hoepner, R. Joop, S. Karnouskos, G. Kleinhuis and G. Stassinopoulos, Using a privilege management infrastructure for secure web-based e-health applications, Computer Communications, Volume 26, Issue 16, 15 October 2003, Pages 1863-1872.
9. Javier Lopez, Antonio Mana, Juan J. Ortega, Jose M. Troya and Manemma I. Yague, Integrating PMI services in CORBA applications, Computer Standards & Interfaces, Volume 25, Issue 4, August 2003, Pages 391-409.
10. ITU-T Rec. X.509 ISO/IEC 9594-8, The Directory: Public-key and Attribute Certificate Frameworks, May 3, 2001.
11. S. Farrell, R. Housley, An Internet Attribute Certificate Profile for Authorization, Internet-draft April 2002, http://www.ietf.org/rfc/rfc3281.txt.
12. R. Housley, W. Ford, W. Polk, D. Solo, Internet X.509 Public Key Infrastructure Certificate and CRL Profile, http://wwvv.ietf.org/rfc/rfc2459.txt
13. ITU-T Rec. X.812(1995)|ISO/IEC 10181-3:1996, Security frameworks in open systems: Access control framework.
14. The Open Group, Authorization (AZN) API, ISBN: 185912-266-3, January 2000.
15. Jakarta Tomcat servlet container, http://iakarta.apache.org/tomcat/.
16. OpenLDAP, the Open Source Lightweight Directory Access Protocol (LDAP), http://www.openldap.org/.
17. MySQL, the Open Source SQL database, http://www.mysql.com/.
18. A. Otenko, D.W. Chadwick, A Comparsion of the Akenti and PERMIS Authorization Infrastructures, http://sec.isi.salford.ac.uk/.
19. M. Blaze, J. Feigenbaum, J. Ioannidis, The KeyNote Trust-Management System, Version 2, RFC 2074, September 1999.
20. L. Pearlman, V. Welch, I. Foster, K. Kesselman and S. Tuecke, A Community Authorization Service for Group Collaboration, IEEE Workshop on Policies for Distributed Systems and Networks (2002).
21. The Virtual Organization Membership Service (VOMS), http://grid-auth.inm. it/.
22. M. Erdos, S. Cantor, Shibboleth-Architecture DRAFT v05, http://shibboleth.internet2.edu/.