Web-based authorization based on X.509 privilege management infrastructure

Author

Forné, Jordi ; Hinarejos, M. Francisca

Author_Institution

Dept. of Telematics Eng., Univ. Politecnica de Catalunya, Barcelona, Spain

Volume

2

fYear

2003

fDate

28-30 Aug. 2003

Firstpage

565

Abstract

The access control to resources is bound up with the authentication and the authorization. The methods used up till now are quite static and maintain the information centralized with some important scalability problems. In addition, they do not take advantage of public key cryptography for the authorization. In order to overcome these disadvantages the ITU-T X.509 Recommendation defines a framework for authentication (PKI, public key infrastructure, based on identity certificates) and authorization (PMI, privilege management infrastructure, based on attribute certificate). This paper presents an implementation of an authorization system for Web-based applications based on the ITU-T X.509 Recommendation. For compatibility with Web clients and servers, the credentials are transmitted using a standard Web communications protocol, such as https. The goal of our system is that is easy-to-use, X.509 compatible and a standard Web browser can be used as a client.

Keywords

Internet; access protocols; authorisation; message authentication; online front-ends; public key cryptography; PMI; Web browser; Web communications protocol; X.509 attribute certificate; access control; authentication; authorization system; privilege management infrastructure; public key cryptography; Access control; Authentication; Authorization; Communication standards; Identity management systems; Protocols; Public key; Public key cryptography; Scalability; Web server;

fLanguage

English

Publisher

ieee

Conference_Titel

Communications, Computers and signal Processing, 2003. PACRIM. 2003 IEEE Pacific Rim Conference on

Print_ISBN

0-7803-7978-0

Type

conf

DOI

10.1109/PACRIM.2003.1235844

Filename

1235844