Design systolic systems: Illustrating of regular algorithms on synchronous array processors
Design systolic systems: Illustrating of regular algorithms on synchronous array processors
Towards a more complete model of role
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
Role delegation in role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Concepts, Activities and Issues of Policy-based Communications Management
BT Technology Journal
A Policy Based Role Object Model
EDOC '97 Proceedings of the 1st International Conference on Enterprise Distributed Object Computing
Partial outsourcing: a new paradigm for access control
Proceedings of the eighth ACM symposium on Access control models and technologies
Role-based security for distributed object systems
WET-ICE '96 Proceedings of the 5th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'96)
A unified security framework for networked applications
Proceedings of the 2003 ACM symposium on Applied computing
Dynamic security reconfiguration for the semantic web
Engineering Applications of Artificial Intelligence
Hi-index | 0.00 |
This paper describes a security framework for object-based distributed systems which is being developed in the CORBA-compliant OrbixTM environment. This framework allows the development of secure distributed applications on existing operating systems that do not support distributed security. The design aims at making the authentication and access control mechanisms transparent to the application level and supporting access control policies specified using the concept of the management domain. This concept has been developed as a means of specifying policies in terms of groups of objects. The description focuses on how the Access Control List paradigm is combined with pseudo capabilities which are used as hints to improve the time-efficiency of the access control decision mechanism. The protocols to support the (cascaded) delegation of access rights to agents acting on behalf of a grantor are explained. A brief description of the authentication mechanism is also given.