This paper presents a mechanism for using the Object Management Group's Common Secure Interoperability Version 2 (CSIv2), Authorization Token Layer Acquisition Service (ATLAS), and XML security standards such as Security Assertion Markup Language (SAML) to develop role-based access control (RBAC) in a secure distributed computation system.

The need for RBAC became evident in this kind of system because the components of the system are configured dynamically in specific neighbor relationships to each other. We use roles to model the neighboring relationships, which are reflected in the access control policy.

We describe the use of an "authorization domain" defined in ATLAS to authorize and scope the roles granted to clients. Each component of the computation system is associated with a particular authorization domain. Authenticated principals are authorized for a particular role in an authorization domain at neighborhood configuration time. The access control policy of a component is based solely on the role of its requesting client, so the access control policy of components remains static while the configuration of the system remains dynamic.

We show how we use the CSIv2, ATLAS, and SAML standards to activate authorized roles, which in turn allows us to implement RBAC policies to guard CORBA requests. This approach provides the mechanism by which we can secure our CORBA-based distributed computation system.