
Secure Role Activation and Authorization in the Enterprise Environment

  • Conference paper
Public Key Infrastructure (EuroPKI 2005)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 3545)

Abstract

Role Based Access Control (RBAC) [3] is a popular approach to specifying and enforcing security policies in organizations. In large enterprise systems, the number of users, roles and permissions can be in the hundreds or thousands, and security management can be a tedious task. One way to simplify security management in RBAC is to allow the specification and enforcement of dynamic constraints to be decentralized [7]. In this paper, we discuss the issues in supporting secure role activation and authorization when the decentralized approach to role activation management is adopted. Secure protocols are proposed to handle the processes of role assignment, role activation and authorization.

References

  1. Boldyreva, A., Palacio, A., Warinschi, B.: Secure proxy signature schemes for delegation of signing rights (2003), http://eprint.iacr.org/curr/

  2. Ferraiolo, D.F., Barkley, J.F., Kuhn, D.R.: A role-based access control model and reference implementation within a corporate intranet. ACM Transactions on Information and System Security 2(1), 34–64 (1999)

  3. Ferraiolo, D.F., Kuhn, D.R., Chandramouli, R.: Role-based access control. Artech House, Boston (2003)

  4. Hitchens, M., Varadharajan, V., Saunders, G.: Policy administration domains. In: ACISP, pp. 286–302 (2002)

  5. Kim, S., Park, S., Won, D.: Proxy signatures, revisited. In: Han, Y., Qing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 223–232. Springer, Heidelberg (1997)

  6. Lee, G., Kim, W., Kim, D.-K., Yeh, H.: Effective web-related resource security using distributed role hierarchy. In: WAIM, pp. 87–96 (2004)

  7. Lui, R.W.C., Chow, S.S.M., Hui, L.C.K., Yiu, S.M.: Role activation management in role based access control. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 358–369. Springer, Heidelberg (2005) (to appear)

  8. Mambo, M., Usuda, K., Okamoto, E.: Proxy signatures: Delegation of the power to sign messages. IEICE Trans. on Fundamentals E79-A(9), 1338–1354 (1996)

  9. Montenegro, J.A., Moya, F.: A practical approach of X.509 attribute certificate framework as support to obtain privilege delegation. In: Katsikas, S.K., Gritzalis, S., López, J. (eds.) EuroPKI 2004. LNCS, vol. 3093, pp. 160–172. Springer, Heidelberg (2004)

  10. Nicolosi, A., Krohn, M., Dodis, Y., Eres, D.: Proactive two-party signatures for user authentication. In: Proceedings of the 10th Annual Network and Distributed System Security Symposium, February 2003, pp. 233–24 (2003)

  11. Park, J.S., Sandhu, R.S.: RBAC on the web by smart certificates. In: ACM Workshop on Role-Based Access Control, pp. 1–9 (1999), citeseer.nj.nec.com/park99rbac.html

  12. Park, J.S., Sandhu, R.S., Ghanta, S.: RBAC on the web by secure cookies. In: DBSec, pp. 49–62 (1999)

  13. Sandhu, R., Chandramouli, R.: Role based access control features in commercial database management systems. In: 21st National Information Systems Security Conference, Crystal City, Virginia, October 6-9 (1998)

  14. Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Technical Report MIT/LCS/TM-82 (1977)

  15. Schnorr, C.-P.: Efficient identification and signatures for smart cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 239–252. Springer, Heidelberg (1990)

  16. Simon, R.T., Zurko, M.E.: Separation of duty in role-based environments. In: IEEE Computer Security Foundations Workshop, pp. 183–194 (1997)

© 2005 Springer-Verlag Berlin Heidelberg

Cite this paper

Lui, R.W.C., Hui, L.C.K., Yiu, S.M. (2005). Secure Role Activation and Authorization in the Enterprise Environment. In: Chadwick, D., Zhao, G. (eds) Public Key Infrastructure. EuroPKI 2005. Lecture Notes in Computer Science, vol 3545. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11533733_2

  • DOI: https://doi.org/10.1007/11533733_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28062-0

  • Online ISBN: 978-3-540-31585-8

  • eBook Packages: Computer Science, Computer Science (R0)
