Achieving DRBAC Authorization in Multi-trust Domains with MAS Architecture and PMI

Authors:
Somchart Fugkeaw;Piyawit Manpanpanich;Sekpon Juntapremjitt
Affiliations:
Thai Digital ID Co.,Ltd., Bangkok, Thailand 10500;Thai Digital ID Co.,Ltd., Bangkok, Thailand 10500;Whitehat Certified Co.,Ltd., Bangkok, Thailand 10310
Venue:
Agent Computing and Multi-Agent Systems
Year:
2009

Citing 8
Cited 1

ACM SIGAda Ada Letters

ACM SIGAda Ada Letters
Role-Based Access Control With X.509 Attribute Certificates

IEEE Internet Computing
An Agent-Based Model For Web Services Transaction Processing

EEE '05 Proceedings of the 2005 IEEE International Conference on e-Technology, e-Commerce and e-Service (EEE'05) on e-Technology, e-Commerce and e-Service
Constraint-Enabled Distributed RBAC for Subscription-Based Remote Network Services

CIT '06 Proceedings of the Sixth IEEE International Conference on Computer and Information Technology
Administration in role-based access control

ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Certificate-based access control for widely distributed resources

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
AmTRUE: Authentication Management and Trusted Role-based Authorization in Multi-Application and Multi-User Environment

SECUREWARE '07 Proceedings of the The International Conference on Emerging Security Information, Systems, and Technologies
Authentication for single/multi domain in ubiquitous computing using attribute certification

ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part IV

Ubiquitous-City Integrated Authentication System (UCIAS)

Journal of Intelligent Manufacturing

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents the approach of the distributed RBAC (DRBAC) access control of the multi-application delegated to the multi-user and multi-relying party federations. In our approach, DRBAC utilizes Public Key Infrastructure (PKI) and Privilege Management Infrastructure (PMI) to serve the authentication and authorization. We propose the dynamic mapping scheme based on the Attribute Certification model in handling user identification, role assignment, and privilege delegation. To encourage distributedness, better scalability and performance, as well as ease of management and extension, Multi-Agent Systems concept is applied for the automation of the authentication, authorization and accountability functionalities. For the trust management of multiple PKI domains, we employ the Certificate Trust Lists (CTLs) model to make the different PKI domains can interoperate effectively. Finally, our ongoing implementation is demonstrated to prove our proposed model.