Vandenwauver, M., Govaerts, R., Vandewalle, J.: How role based access control is implemented in sesame. In: WETICE. (1997) 293--298  Home/Search   Document Not in Database   Summary   Related Articles   Check

....domain. The flexibility and simplicity of the XML format allows researchers to design new domain specific markup languages. We believe that our concept can be applied to develop a generalized security language for expressing any security policy for a distributed environment, similar to [14][15] With the proliferation of XML in the industry, there is a high probability that future systems will be equipped with an XML parser. This will help in realizing our views and concepts. To further extend the proposed concept, we are experimenting with Java s ability to load Java class files ....

Mark Vandenwauver, Ren Govaerts, Joos Vandewalle. 1997. How Role Based Access Control is implemented in SESAME. Proceedings of the 6-th Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pages 293-298. IEEE Computer Society Press.

....and software implementation Current approaches to perform role based access control on Web servers are mostly based on attribute certificates. It is possible to find definitions and implementations of attribute certificates such as the one depicted in [1] or the one defined in the SESAME project [3]. Smart Certificates [1] are based on the X509v3 standard: both the attributes and publickey information are bundled in a single certificate. The attribute information is stored in the extension field of the X509v3 certificate and can be signed by a certification authority different from the one ....

M. Vandenwauver, R. Govaerts, J. Vandewalle, How Role Based Access Control is implemented in SESAME

....and Neuman, 1993] The main difference is the presence of the Privilege Attribute Server (PAS) in SESAME. This server has been added to manage the access control mechanism that is implemented by SESAME. Because of its many advantages SESAME has opted to implement role based access control (RBAC) Vandenwauver et al. 1997a] The scheme is enforced using Privilege Attribute Certificates (PACs) ECMA 219, 1996] These PACs contain the information about the user that is needed to make access control decisions. They are digitally signed by the PAS. The Authentication Server (AS) and Key Appeared in Proceedings of the ....

Vandenwauver, M., Govaerts, R., and Vandewalle, J. (1997a). How Role Based Access Control is Implemented in SESAME. In Proceedings of the 6-th Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pages 293--298. IEEE Computer Society.

....mechanism is not needed as attribute certificates are issued with a limited lifetime. Manageability is also an advantage of RBAC as access restrictions only have to be defined for each role and not for each user. Role Based Access Control is implemented for example in the SESAME environment [24], and it is used in TrustedWeb [21] 3.4 Security of the server A number of problems can arise when installing the server. The implemented access control is only performed when accessing the server via the WWW. Everybody who can login to the machine the server is running on, might access the ....

M. Vandenwauver, R. Govaerts, and J. Vandewalle. How Role Based Access Control is Implemented in SESAME. In Proceedings of the 6-th Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pages 293--298. IEEE Computer Society, 1997.

No context found.

Vandenwauver, M., Govaerts, R., Vandewalle, J.: How role based access control is implemented in sesame. In: WETICE. (1997) 293--298

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC