Title :
Role-based security for distributed object systems
Author :
Yialelis, Nicholas ; Lupu, Emil ; Sloman, Morris
Author_Institution :
Dept. of Comput., Imperial Coll. of Sci., Technol. & Med., London, UK
Abstract :
The paper describes a security architecture designed to support role based access control for distributed object systems in a large scale, multi-organisational enterprise in which domains are used to group objects for specifying security policies. We use the concept of a role to define access control related to a position within an organisation although our role framework caters for the specification of both authorisation and obligation policies. Access control and authentication is implemented using security agents on a per host basis to achieve a high degree of transparency to the application level. Cascaded delegation of access rights is also supported. The domain based authentication service uses symmetric cryptography and is implemented by replicated servers which maintain minimal state
Keywords :
authorisation; cryptography; distributed processing; message authentication; object-oriented methods; object-oriented programming; access control; access rights; authorisation; distributed object systems; domain based authentication service; minimal state; multi organisational enterprise; obligation policies; replicated servers; role based access control; role based security; role framework; security agents; security architecture; security policies; symmetric cryptography; Access control; Authentication; Authorization; Cryptography; Distributed computing; Hospitals; Humans; Information security; Large-scale systems; Object oriented modeling;
Conference_Titel :
Enabling Technologies: Infrastructure for Collaborative Enterprises, 1996. Proceedings of the 5th Workshop on
Conference_Location :
Stanford, CA
Print_ISBN :
0-8186-7446-6
DOI :
10.1109/ENABL.1996.555078
