Name
Abstract | ||
|---|---|---|
Current approaches to access control on the Web servers do not scale to enterprise-wide systems because they are mostly based on individual user identities. Hence we were motivated by the need to manage and enforce the strong and efficient RBAC access control technology in large-scale Web environments. To satisfy this requirement, we identify two different architectures for RBAC on the Web, called user-pull and server-pull. To demonstrate feasibility, we implement each architecture by integrating and extending well-known technologies such as cookies, X.509, SSL, and LDAP, providing compatibility with current web technologies. We describe the technologies we use to implement RBAC on the Web in different architectures. Based on our experience, we also compare the tradeoffs of the different approaches. |
Year | DOI | Venue |
|---|---|---|
2001 | 10.1145/383775.383777 | ACM Trans. Inf. Syst. Secur. |
Keywords | DocType | Volume |
individual user identity,security additional key words and phrases: cookies,well-known technology,Role-based access control,different architecture,efficient RBAC access control,digital certificates,large-scale Web environment,current approach,Web server,role-based access control,www security,current web technology,general terms: design,experimentation,different approach | Journal | 4 |
Issue | Citations | PageRank |
1 | 117 | 11.03 |
References | Authors | |
23 | 3 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Joon S. Park | 1 | 529 | 52.78 |
| Ravi S. Sandhu | 2 | 7665 | 797.90 |
| Gail-Joon Ahn | 3 | 3012 | 203.39 |