Title :
A New Design Scheme of Role-Based Access Control Based on PKI
Author :
Deng, Yuping ; Guo, Xiaowei ; Niu, Xiamu
Author_Institution :
Shenzhen Graduate Sch., Harbin Inst. of Technol., Shenzhen
fDate :
Aug. 30 2006-Sept. 1 2006
Abstract :
Identification and authorization are the two important problems among the intractable issues of network security. In this thesis, we first discuss the advantages and disadvantages of several traditional ways in identification and authorization including Kerberos, SSL, DAC, MAC, RBAC and PKI/PMI. Because of the inherent weakness of DAC and MAC, and the complexity of PMI, we propose a new system which combines role-based access control with PKI. It implements the process of identifying and privilege delegation as a whole. The model of RBAC based on PKI can ensure the security of both identification and authorization of the protected system and maximize the flexibility for users´ maintenance. The particular process of identification and authorization has been given in the thesis. At last, we analyze the security of the system and also point out some existing threats the new framework has to face to
Keywords :
authorisation; client-server systems; computer networks; message authentication; public key cryptography; telecommunication security; message authentication; network security; public key infrastructure; role-based access control design scheme; system authorization; system identification; Access control; Access protocols; Authorization; Data structures; Protection; Public key; Security; Sockets; Technological innovation; Web server;
Conference_Titel :
Innovative Computing, Information and Control, 2006. ICICIC '06. First International Conference on
Conference_Location :
Beijing
Print_ISBN :
0-7695-2616-0
DOI :
10.1109/ICICIC.2006.387
