Abstract | ||
---|---|---|
The protection of information in enterprise and cloud platforms is growing more important and complex with increasing numbers of users who need to access resources with distinct permissions. Role-based access control (RBAC) eases administrative complexity for large-scale access control, while a client-server model can ease performance bottlenecks by distributing access enforcement across multiple servers that consult the centralized access decision policy server as needed. In this paper, we propose a new approach to access enforcement using an existing associative array hardware data structure (HWDS) to cache authorizations in a distributed system using RBAC. This HWDS approach uses hardware that has previous been demonstrated as useful for several application domains including access control, network packet routing, and generic comparison-based integer search algorithms. We reproduce experiments from prior work on distributed access enforcement for RBAC systems, and we design and conduct new experiments to evaluate HWDS-based access enforcement. Experimental data show the HWDS cuts session initiation time by about a third compared to existing solutions, while achieving similar performance to authorize access requests. These results suggest that distributed systems using RBAC could use HWDS-based access enforcement to increase session throughput or to decrease the number of access enforcement servers without losing performance. |
Year | DOI | Venue |
---|---|---|
2014 | 10.1145/2613087.2613096 | SACMAT |
Keywords | Field | DocType |
access control,enforcement,hardware data structures,security and protection | Computer access control,Computer science,Computer security,Cache,Server,Role-based access control,Enforcement,Access control,Computer hardware,Physical access,Cloud computing,Distributed computing | Conference |
Citations | PageRank | References |
0 | 0.34 | 17 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Gedare Bloom | 1 | 68 | 13.95 |
Rahul Simha | 2 | 137 | 12.42 |