Secure hierarchy-based access control in distributed environments
نویسندگان
چکیده
Access control is a fundamental concern in any system that manages resources, e.g., operating systems, file systems, databases and communications systems. The problem we address is how to specify, enforce, and implement access control in distributed environments. Starting from an access relation between users and resources, we derive a user hierarchy, a resource hierarchy, and a unified hierarchy. The unified hierarchy is then used to specify the access relation in a way that is compact and that allows efficient queries. It is also used in cryptographic schemes that enforce access rights. We introduce three specific cryptography-based hierarchical access schemes, which can effectively enforce and implement access control and are designed for distributed environments.
منابع مشابه
Hierarchy-based access control in distributed environments
Access control is a fundamental concern in any system that manages resources, e.g., operating systems, file systems, databases and communications systems. The problem we address is how to specify, enforce, and implement access control in distributed environments. This problem occurs in many applications such as management of distributed project resources, e-newspaper and payTV subscription serv...
متن کاملAuthorization models for secure information sharing: a survey and research agenda
This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...
متن کاملPeAgent - A Mobile Agent System to Support Secure Internet and Web Applications
Many agent-based systems have been developed over the past decade; however, the security issues are usually not addressed adequately. In order to make the mobile agent paradigm more useful and acceptable for Web and Internet applications, the security considerations should go beyond the protection of basic agent execution environments. In this paper, we present the design of a robust Java-based...
متن کاملEnhancing Security in Distributed ERLANG by Integrating Access Control
As the need for interaction between software components in unprotected open networks, such as the Internet, increases, the need for programming languages suited for development of secure distributed software components increases. Erlang is a programming language well suited for development of distributed software components. The lack of security mechanisms, such as access control and secure com...
متن کاملAccess control in ultra-large-scale systems using a data-centric middleware
The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between sub-systems is increased, achieving more scalable and dynamic access control system becomes an im...
متن کامل