• DocumentCode
    3208458
  • Title

    An authorization scheme for distributed object systems

  • Author

    Nicomette, V. ; Deswarte, Y.

  • Author_Institution
    Lab. d'Autom. et d'Anal. des Syst., CNRS, Toulouse, France
  • fYear
    1997
  • fDate
    4-7 May 1997
  • Firstpage
    21
  • Lastpage
    30
  • Abstract
    Addresses the problem of distributed object system protection. A new authorization scheme is presented and described, based on the collaboration between a central authorization server and security kernels located on each site of the system. A novel approach to access rights management for such an architecture is detailed, based on a new kind of access rights and a new scheme of privilege delegation. This authorization scheme can be adapted to various security policies, including multilevel policies such as that of Bell & LaPadula (1975). An extension of the Bell-LaPadula model to distributed object systems is presented and its implementation using the authorization scheme is described.
  • Keywords
    authorisation; distributed processing; network servers; object-oriented programming; Bell-LaPadula model; access rights management; authorization scheme; central authorization server; distributed object systems; multilevel policies; privilege delegation; security kernels; security policies; system protection; Authorization; Books; Collaboration; Containers; File servers; Kernel; Monitoring; Permission; Protection; Utility programs;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy, 1997. Proceedings., 1997 IEEE Symposium on
  • Conference_Location
    Oakland, CA
  • ISSN
    1081-6011
  • Print_ISBN
    0-8186-7828-3
  • Type

    conf

  • DOI
    10.1109/SECPRI.1997.601310
  • Filename
    601310