Title | ||
---|---|---|
Authorization With Security Attributes And Privilege Delegation - Access Control Beyond The Acl |
Abstract | ||
---|---|---|
This paper focuses on authorization in distributed environments; the typical authorization scheme employs access control lists, however, the scheme has problems when it is applied to a large-scale network. We introduce a new authorization scheme, compare it with the old scheme, and present an implementation of an information server which adopts the new scheme.As a part of authorization, delegation of privileges is important, however, current delegation mechanisms have problems when the delegation crosses a boundary of security domains. We propose a solution which refers to security information of other security domains through a directory service. (C) 1997 Elsevier Science B.V. |
Year | DOI | Venue |
---|---|---|
1997 | 10.1016/S0140-3664(97)00027-3 | COMPUTER COMMUNICATIONS |
Keywords | DocType | Volume |
authorization, privilege, delegation, privilege attribute certificate, access control decision function | Journal | 20 |
Issue | ISSN | Citations |
5 | 0140-3664 | 0 |
PageRank | References | Authors |
0.34 | 0 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Yoshiki Sameshima | 1 | 13 | 3.78 |
Peter T. Kirstein | 2 | 56 | 29.99 |