Computer architecture (2nd ed.): a quantitative approach
Computer architecture (2nd ed.): a quantitative approach
Proceedings of the Fifth International Conference on Data Engineering
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Access control with IBM Tivoli access manager
ACM Transactions on Information and System Security (TISSEC)
A Resource Access Decision Service for CORBA-Based Distributed Systems
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Administering permissions for distributed data: factoring and automated inference
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Extending query rewriting techniques for fine-grained access control
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
World-wide web cache consistency
ATEC '96 Proceedings of the 1996 annual conference on USENIX Annual Technical Conference
Cooperative secondary authorization recycling
Proceedings of the 16th international symposium on High performance distributed computing
Authorization recycling in RBAC systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Authorization recycling in hierarchical RBAC systems
ACM Transactions on Information and System Security (TISSEC)
Hi-index | 0.00 |
The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures, with security enforcement logic obtaining decisions from authorization servers through remote procedure calls. In massive-scale and complex enterprises, PTP authorization architectures result in fragile and inefficient solutions. They also fail to exploit virtually free CPU resources and network bandwidth. This paper proposes leveraging publish-subscribe architectures for increased reliability and efficiency by flooding delivery channels with speculatively pre-computed authorizations and actively recycling them on a just-in-time basis.