Role-Based Access Control Models
Computer
Inside distributed COM
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
Globe: A Wide-Area Distributed System
IEEE Concurrency
Legion-a view from 50,000 feet
HPDC '96 Proceedings of the 5th IEEE International Symposium on High Performance Distributed Computing
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Understanding Trust Management Systems
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Locating objects in wide-area systems
IEEE Communications Magazine
Hi-index | 0.00 |
In this paper we present the design and the implementation of a policy engine for enforcing security policies for distributed applications. Such policies, represented by using the RBAC model, include both how the distributed, shared and replicated objects are used, by mean of role certificates and how these roles are managed by means of administrative roles. The policy engine can enforce not only privileges to invoke methods with particular parameters and under specific conditions but also the permissions to execute such methods. The engine is offered as a middleware service such that application developers can concntrate on specify the security policies for their applications and they are realesed from the burden of implementing the mechanisms for the actual enforcement of such policies.