• DocumentCode
    1823329
  • Title
    Cross-domain access control via PKI
  • Author
    Denker, Grit ; Millen, Jon ; Miyake, Yutaka
  • Author_Institution
    Comput. Sci. Lab., SRI Int., Menlo Park, CA, USA
  • fYear
    2002
  • fDate
    2002
  • Firstpage
    202
  • Lastpage
    205
  • Abstract
    In this note we consider how role-based access control can be managed on a large scale over the Internet and across organizational boundaries. We take a PKI approach, in which users are identified using public key certificates, as are the servers. The main features of our approach are: access control by (client, role) pair; implied revocation based on the role hierarchy; automatic generation of certificate validity tickets; and certificate chains to prove a client role hierarchy to a server.
  • Keywords
    Internet; authorisation; client-server systems; public key cryptography; telecommunication security; Internet; PKI; certificate validity ticket generation; client role hierarchy; client server system; cross-domain access control; implied revocation; organizational boundaries; public key certificates; public key cryptography; role hierarchy; role-based access control; Access control; Computer science; Internet; Laboratories; Large-scale systems; Network servers; Public key; Research and development; Research and development management; Web server;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Policies for Distributed Systems and Networks, 2002. Proceedings. Third International Workshop on
  • Print_ISBN
    0-7695-1611-4
  • Type
    conf
  • DOI
    10.1109/POLICY.2002.1011308
  • Filename
    1011308