Title :
Generalized access control in hierarchical computer network
Author :
Krawczyk, Henryk ; Lubomski, Pawel
Author_Institution :
Dept. of Comput. Archit., Gdansk Univ. of Technol., Gdansk, Poland
Abstract :
The paper presents the design of the security layer for a distributed system located in the multizone hierarchical computer network. Depending on the zone from which a client´s request comes to the system and the type of the request, it will be either authorized or rejected. There is one common layer for the access to all the business services and interactions between them. Unlike the commonly used RBAC model, this system enforces a multilayer authentication and authorization. Actor´s privileges are the result of the user´s and the system´s roles conjunction with the network zone. Unlike common systems, the privileges are given to a digital identity, not to particular accounts, so that it does not matter which account was used by the user - he will get the same privileges. Such a combination of many smaller ideas and methods results in a new and modern approach to the security aspects of the distributed service oriented systems.
Keywords :
authorisation; computer network security; RBAC model; digital identity; distributed service oriented systems; distributed system; generalized access control; hierarchical computer network; multilayer authentication; multilayer authorization; security layer; Computational modeling; access control; digital identity; hierarchical computer network; network zone; security;
Conference_Titel :
Information Technology (ICIT), 2010 2nd International Conference on
Conference_Location :
Gdansk
Print_ISBN :
978-1-4244-8182-8
