Cross-domain one-shot authorization using smart cards
Proceedings of the 7th ACM conference on Computer and communications security
Secure Authorisation Agent for Cross-Domain Access Control in a Mobile Computing Environment
ICISC '01 Proceedings of the 4th International Conference Seoul on Information Security and Cryptology
An Internet Authorization Scheme Using Smart-Card-Based Security Kernels
E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
Scalable access control for distributed object systems
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Cooperative secondary authorization recycling
Proceedings of the 16th international symposium on High performance distributed computing
Authorization recycling in RBAC systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Intrusion-tolerant architectures: concepts and design
Architecting dependable systems
Authorization recycling in hierarchical RBAC systems
ACM Transactions on Information and System Security (TISSEC)
Intrusion-tolerant fine-grained authorization for Internet applications
Journal of Systems Architecture: the EUROMICRO Journal
| Hi-index | 0.00 |
This paper addresses the problem of distributed object system protection. A new authorization scheme is presented and described. It is based on the collaboration between a central authorization server and security kernels located on each site of the system. A novel approach to access rights management for such an architecture is detailed: it is based on a new kind of access rights and a new scheme of privilege delegation. This authorization scheme can be adapted to various security policies, including multilevel policies such as Bell-LaPadula. An extension of the Bell-LaPadula model to distributed object systems is presented and its implementation using the authorization scheme is described.