This paper presents the Authorization Service provided by Tivoli Policy Director (PD) and its use by PD family members as well as third-party applications. Policies are defined over an object namespace and stored in a database, which is managed via a management console and accessed through an Authorization API. The object namespace abstracts from heterogeneous systems and thus enables the defin...

Authorization infrastructures manage privileges and render access control decisions, allowing applications to adjust their behavior according to the privileges allocated to users. This paper describes the PERMIS role based authorization infrastructure along with its conceptual authorization, access control, and trust models. PERMIS has the novel concept of a credential validation service, which...

Despite recent widespread interest in the secure au-thentication of principals across computer networks there has been considerably less discussion of distributed m e chanisms to support authorization and accounting. By generalizing the authentication model to support restricted p r oxies, both authorization and accounting can be e asily supported. This paper presents the proxy model for author...

Psychological acceptability has been mentioned as a requirement for secure systems for as long as least privilege and fail safe defaults, but until now has been all but ignored in the actual design of secure systems. We place this principle at the center of our design for Adage, an authorization service for distributed applications. We employ usability design techniques to specify and test the ...