CRYPTO '89 Proceedings on Advances in cryptology
Programming semantics for multiprogrammed computations
Communications of the ACM
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
ACM SIGOPS Operating Systems Review
Authorization in the Digital Library: Secure Access to Services across Enterprise Boundaries
ADL '96 Proceedings of the 3rd International Forum on Research and Technology Advances in Digital Libraries
SESAME V2 public key and authorisation extensions to Kerberos
SNDSS '95 Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95)
A flexible distributed authorization protocol
SNDSS '96 Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96)
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Protection: principles and practice
AFIPS '72 (Spring) Proceedings of the May 16-18, 1972, spring joint computer conference
| Hi-index | 0.00 |
This paper addresses the problem of inter-enterprise transaction authorization, as required when an employee of one organization commissions work to another organization. On receiving an order from another organization, a company wants to be sure that the sender is actually entitled to do so within his or her organization. The MIERA scheme can be used for both intra- and inter-enterprise authorization and bases the decisions on roles. We define an authorization tree for a transaction type that determines which combination of roles can authorize such transactions. This tree allows the order-receiving organization to verify whether the order-sending employee was properly authorized.