Certificate Based Authorization Simulation System
نویسندگان
چکیده
Using certificates for distributed authorizations in computer network systems has been discussed in the literature. However real implementations of the concept are rarely seen. In our certificate based authorization simulation system (CBASS) project, we prototyped a computer system including some of the emulated functions of an operating system such as machine, user and file management, and emulated applications. These system management functions and applications use certification instead of conventional access control list mechanism for resource access control. It is our purpose to explore a practical way to build the distributed authorization into computer systems in order to solve authorization problems which exist in present open and large distributed computing environments. In this paper, we present our design and implementation of the CBASS.
منابع مشابه
A Framework for Adaptive Information Security Systems : A Holistic Investigation
This paper describes a security system for authorization in open networks. Authorization means authority to access certain resources, to perform certain operations, or to use certain system functions. In this paper, the authorization system bases on use of attribute certificates. An attribute certificate is a signed object containing authorization attributes of a user. Before checking whether a...
متن کاملBiosimgrid: a Distributed Database for Biomolecular Simulations
Biomolecular simulations provide data on the conformational dynamics and energetics of complex biomolecular systems. We aim to exploit the e-science infrastructure developing in the UK to enable large scale analysis of the results of such simulations. In particular, the BioSimGrid project (www.biosimgrid.org) will provide a generic database for comparative analysis of simulations of biomolecule...
متن کاملWeighted Pushdown Systems and Trust-Management Systems
The authorization problem is to decide whether, according to a security policy, some principal should be allowed access to a resource. In the trustmanagement system SPKI/SDSI, the security policy is given by a set of certificates, and proofs of authorization take the form of certificate chains. The certificate-chain-discovery problem is to discover a proof of authorization for a given request. ...
متن کاملA Design for a Security-Typed Language with Certificate-Based Declassification
This paper presents a calculus that supports information-flow security policies and certificate-based declassification. The decentralized label model and its downgrading mechanisms are concisely expressed in the polymorphic lambda calculus with subtyping (System F≾). We prove a conditioned version of the noninterference theorem such that authorization for declassification is justified by digita...
متن کاملSecure Information Sharing Using Attribute Certificates and Role Based Access Control
In this paper, we explore the issues involved with the design and rapid deployment of large scale secure information sharing (SIS) systems for coordination involved with multiple agencies. Procedures and tools were developed for setting up quickly the public key infrastructure (PKI) and privilege management infrastructure (PMI) for the multi-agency SIS systems. A multi-agency SIS testbed based ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2001