Network security via private-key certificates
ACM SIGOPS Operating Systems Review
Extending the ISO Access Framework for Multiple Policies
IFIP/Sec '93 Proceedings of the IFIP TC11, Ninth International Conference on Information Security: Computer Security
III: Security applications: SESAME: The solution to security for open distributed systems
Computer Communications
Hi-index | 0.24 |
This paper focuses on authorization in distributed environments; the typical authorization scheme employs access control lists, however, the scheme has problems when it is applied to a large-scale network. We introduce a new authorization scheme, compare it with the old scheme, and present an implementation of an information server which adopts the new scheme. As a part of authorization, delegation of privileges is important, however, current delegation mechanisms have problems when the delegation crosses a boundary of security domains. We propose a solution which refers to security information of other security domains through a directory service.