[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content

Achieving DRBAC Authorization in Multi-trust Domains with MAS Architecture and PMI

  • Conference paper
Agent Computing and Multi-Agent Systems (PRIMA 2007)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 5044))

Included in the following conference series:

Abstract

This paper presents the approach of the distributed RBAC (DRBAC) access control of the multi-application delegated to the multi-user and multi-relying party federations. In our approach, DRBAC utilizes Public Key Infrastructure (PKI) and Privilege Management Infrastructure (PMI) to serve the authentication and authorization. We propose the dynamic mapping scheme based on the Attribute Certification model in handling user identification, role assignment, and privilege delegation. To encourage distributedness, better scalability and performance, as well as ease of management and extension, Multi-Agent Systems concept is applied for the automation of the authentication, authorization and accountability functionalities. For the trust management of multiple PKI domains, we employ the Certificate Trust Lists (CTLs) model to make the different PKI domains can interoperate effectively. Finally, our ongoing implementation is demonstrated to prove our proposed model.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Lee, D.-G., Kang, S.-I., Seo, D.-H., Lee, I.-Y.: Authentication for single/Multi domain in ubiquitous computing using attribute certification. In: Gavrilova, M.L., Gervasi, O., Kumar, V., Tan, C.J.K., Taniar, D., Laganá, A., Mun, Y., Choo, H. (eds.) ICCSA 2006. LNCS, vol. 3983, pp. 326–335. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  2. Farrell, S., Housley, R.: An Internet Attribute Certificate Profile for Authorization (April 2002), http://www.ietf.org/rfc/rfc3281.txt

  3. Wang, X., Zhao, G., Zhang, X., Jin, B.: An Agent-Based Model For Web Services Transaction Processing. In: IEEE International Conference on e-Technology, e-Commerce, and e-Services (EEE 2005), pp. 186–189. IEEE Computer Society, China (2005)

    Chapter  Google Scholar 

  4. Fugkeaw, S., Manpanpanich, P., Jantrapremjitt, S.: AmTRUE: Authentication Management and Trusted Role-based Authorization in Multi-Application and Multi-User Environment. In: IEEE International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2007). IEEE Computer Society, Spain (2007)

    Google Scholar 

  5. Thompson, W., Johnston, W., Mudumbai, S., Hoo, G., Jackson, K., Essiari, A.: Certificate-based access control for widely distributed resources. In: Proc. of the 8th USENIX Security Symposium, USA (1999)

    Google Scholar 

  6. ITU-T Rec. X.509, ISO/IEC 9594-8 The Directory: Authentication Framework (2000)

    Google Scholar 

  7. Chadwick, D.W., Otenko, A., Ball, E.: Role based access controls with X.509 attribute certificates. IEEE Internet Computing, 62–69 (2003)

    Google Scholar 

  8. Chadwick, D.W., Otenko, A.: The PERMIS X.509 Role Based Privilege Management Infrastructure. In: ACM Symposium On Access Control Models And Technologies (SACMAT 2002), pp. 135–140. ACM, USA (2002)

    Google Scholar 

  9. Zhou, W., Meinel, C.: Implement Role-Based Access Control With Attribute Certificates. In: International Conference on Advanced Communication Technology (ICACT 2004), Korea, pp. 536–541 (2004)

    Google Scholar 

  10. Freudenthal, E., Pesin, T., Port, L.: DRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments. Technical Report TR2001-819, Department of Computer Science, New York University

    Google Scholar 

  11. Li, N., Mao, Z.: Administration in Role-Based Access Control. In: ACM Symposium on Information, Computer and Communications Security (ASIACCS 2007), pp. 127–138. ACM, Singapore (2007)

    Google Scholar 

  12. Santa, G.A., Higuera, D.: Mobile User Authentication Protocols. In: Proc. Of IASTED International Conference in Wireless and Optical Communication, Canada (2001)

    Google Scholar 

  13. Ma, M., Woodhead, S.: Constraint-enabled Distributed RBAC for Subscription-based Remote Network Services. In: IEEE International Conference on Computer and Information Technology (CIT 2006). IEEE Computer Society, USA (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Fugkeaw, S., Manpanpanich, P., Juntapremjitt, S. (2009). Achieving DRBAC Authorization in Multi-trust Domains with MAS Architecture and PMI. In: Ghose, A., Governatori, G., Sadananda, R. (eds) Agent Computing and Multi-Agent Systems. PRIMA 2007. Lecture Notes in Computer Science(), vol 5044. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01639-4_30

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-01639-4_30

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-01638-7

  • Online ISBN: 978-3-642-01639-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics