Title :
Access control in distributed object systems: problems with access control lists
Author_Institution :
Infosys Technologies Ltd, Bangalore, India
Abstract :
Providing satisfactory access control mechanisms for distributed object systems is a challenge, as the characteristics of these mechanisms are not well understood. Distributed object technology has progressed in recent times but the lack of practically useful security mechanisms for access control hinders their deployment in application domains. CORBA from the Object Management Group is one of the most popular distributed object technologies. Despite its popularity, commercial product releases that fully confirm to its security service specification are just beginning to emerge. Access control in CORBA or any other distributed system becomes complicated because of the fact that a target object upon receiving an invocation from an authorized client may have to become the client of other objects in the system (in order to form a response to the original request). So the basic question boils down to one of delegation. In this paper we look at some drawbacks of access control lists (ACL´s) that are in wide use
Keywords :
authorisation; distributed object management; CORBA; access control; access control lists; distributed object systems; security service specification; Access control; Access protocols; Authentication; Authorization; Computer networks; Data security; Distributed computing; Operating systems; Permission; Technology management;
Conference_Titel :
Enabling Technologies: Infrastructure for Collaborative Enterprises, 2001. WET ICE 2001. Proceedings. Tenth IEEE International Workshops on
Conference_Location :
Cambridge, MA
Print_ISBN :
0-7695-1269-0
DOI :
10.1109/ENABL.2001.953407
