Access control in a distributed object environment using XML and roles
نویسندگان
چکیده
We discuss the design of an integrated security architecture for authorization and authentication in a distributed object environment. Our architecture will have four main components: an authentication engine, an interface, a session manager and an authorization engine. The core component of our model is the session manager, which issues XML-based session certificates to authenticated users. A session certificate will be used by the authorization engine to establish the legitimacy of an access request by a user. We will also describe how the architecture supports dynamic revocation of session certificates and delegation.
منابع مشابه
XML for RBAC Administration in Enterprise Environment
We have proposed an object -oriented RBAC (ORBAC) model to efficiently represent the real world. Though ORBAC is a good model, administration of ORBAC including creating and maintaining an access control security policy still remains a challengeable problem. In this paper, we present a practical method that can be employed in an enterprise environment to manage security policies using eXtensibl...
متن کاملImplementing Distributed Workflow Systems from XML Specifications
In enterprise-wide distributed workflow, multiple users cooperate towards some common goal following predefined task specifications. This paper presents an approach for constructing a distributed workflow system starting from its XML specification in terms of various participants’ roles, access rights based on roles, shared objects, operations, and workflow constraints. The specifications are i...
متن کاملXml Access Control in Native and Rdbms - Supported Xml Databases
As the eXtensible Markup Language (XML) has emerged as the de facto standard for storing and exchanging information in the Internet Age, the needs for efficient yet secure access of XML data naturally arise. It becomes increasingly important to be able to tailor information in XML data for various users and applications, while preserving confidentiality. In this dissertation, we ask how fine-gr...
متن کاملX - Rbac : an Access Control Language for Multi - Domain Environments
A multi-domain application environment consists of distributed multiple organizations, each employing its own security policy, allowing highly intensive inter-domain accesses. Ensuring security in such an environment poses several challenges. XML technologies are being perceived as the most promising approach for developing pragmatic security solutions for such environments because of the integ...
متن کاملA context-sensitive dynamic role-based access control model for pervasive computing environments
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environmen...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- South African Computer Journal
دوره 31 شماره
صفحات -
تاریخ انتشار 2003