Enforcing security policies for distributed objects applications

Authors:
Bogdan C. Popescu;Bruno Crispo;Andrew S. Tanenbaum;Maas Zeeman
Affiliations:
Vrije Universiteit, Amsterdam;Vrije Universiteit, Amsterdam;Vrije Universiteit, Amsterdam;Vrije Universiteit, Amsterdam
Venue:
Proceedings of the 11th international conference on Security Protocols
Year:
2003

Citing 8
Cited 0

Role-Based Access Control Models

Computer
Inside distributed COM

Inside distributed COM
XML document security based on provisional authorization

Proceedings of the 7th ACM conference on Computer and communications security
Globe: A Wide-Area Distributed System

IEEE Concurrency
Legion-a view from 50,000 feet

HPDC '96 Proceedings of the 5th IEEE International Symposium on High Performance Distributed Computing
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Understanding Trust Management Systems

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Locating objects in wide-area systems

IEEE Communications Magazine

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we present the design and the implementation of a policy engine for enforcing security policies for distributed applications. Such policies, represented by using the RBAC model, include both how the distributed, shared and replicated objects are used, by mean of role certificates and how these roles are managed by means of administrative roles. The policy engine can enforce not only privileges to invoke methods with particular parameters and under specific conditions but also the permissions to execute such methods. The engine is offered as a middleware service such that application developers can concntrate on specify the security policies for their applications and they are realesed from the burden of implementing the mechanisms for the actual enforcement of such policies.