Role-based privilege and trust management

Dongwan Shin, Gail Joon Ahn

Research output: Contribution to journalArticle

21 Scopus citations

Abstract

The Internet provides tremendous connectivity and information sharing capability which organizations can use for their competitive advantage. However, we still observe security challenges in Internet-based applications, especially in terms of their limited support for controlled access to organizational resources and information for unknown} users. Roles can be a convenient construct for expressing entitled privileges and trust degree alike, based upon which further specification of responsibility and capability is made so as to facilitate trust-based authorization for such an environment. In this article, we design a role-based privilege and trust management by leveraging a role-based trust model and a privilege management infrastructure, as an attempt to develop an easy-to-use, flexible, and interoperable authorization mechanism for unknown users. Also, we demonstrate the feasibility of our mechanism by providing a proof-of-concept prototype implementation using commercial off-the-shelf technologies.

Original languageEnglish (US)
Pages (from-to)401-410
Number of pages10
JournalComputer Systems Science and Engineering
Volume20
Issue number6
StatePublished - Nov 1 2005
Externally publishedYes

Keywords

  • Privilege management
  • Role-based access control
  • Trust management

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Role-based privilege and trust management'. Together they form a unique fingerprint.

  • Cite this