Title :
An abstract authorization system for the Internet
Author :
Fernandez, Eduardo B. ; Nair, Krishnakumar R.
Author_Institution :
Dept. of Comput. Sci. & Eng., Florida Atlantic Univ., Boca Raton, FL, USA
Abstract :
Most of the work on Internet security focuses on cryptographic approaches. While valuable, this is not a feasible way to control access to documents. Cryptography can only control secrecy and authentication aspects, but cannot handle different types of access by different users, access to portions of documents, and other content restrictions. A higher-level approach is needed. We present here an authorization model for hypertext documents based on the access matrix. We classify different types of documents, we model these using object-oriented approaches, and we define access policies that specify access to those types of documents. Authorization restrictions can be superimposed on the document class model and on its dynamic model. These authorizations are based on a mandatory version of the access matrix, implementing role-based access control. We consider possible implementation architectures, involving servers and databases
Keywords :
Internet; authorisation; cryptography; hypermedia; Internet; Internet security; abstract authorization system; authentication; authorization model; cryptographic approaches; databases; hypertext documents; object-oriented approaches; secrecy; servers; Authentication; Authorization; Computer science; Computer security; Cryptography; Data security; Information security; Internet; Multimedia systems; Protection;
Conference_Titel :
Database and Expert Systems Applications, 1998. Proceedings. Ninth International Workshop on
Conference_Location :
Vienna
Print_ISBN :
0-8186-8353-8
DOI :
10.1109/DEXA.1998.707418
