Loading [a11y]/accessibility-menu.js
A framework for supporting distributed access control policies | IEEE Conference Publication | IEEE Xplore

A framework for supporting distributed access control policies


Abstract:

In this paper we describe a mechanism for managing authorisation policies in distributed environments. This mechanism is based on public key infrastructure (PKI) and priv...Show More

Abstract:

In this paper we describe a mechanism for managing authorisation policies in distributed environments. This mechanism is based on public key infrastructure (PKI) and privilege management infrastructure (PMI). In our approach each domain comprises a root policy and some subordinate authorisation policies. The root policy specifies how to use the subordinate policies. The subordinate policies describe the access control rules that are used for making access control decisions. The subordinate policies can be defined and managed independently and dynamically loaded into the access control system at runtime. All these policies are stored in X.509 attribute certificates (ACs), thus guaranteeing their integrity. The AC that holds root policy is co-located with access control system; the ACs that holds subordinate policies can be distributed. In the root policy we use policy schemes, policy sub-schemes and policy hierarchies to manage the subordinate policies; because they make the policy management flexible and easy.
Date of Conference: 27-30 June 2005
Date Added to IEEE Xplore: 15 August 2005
Print ISBN:0-7695-2373-0
Print ISSN: 1530-1346
Conference Location: Murcia, Spain

References

References is not available for this document.