Role-based privilege and trust management

Dongwan Shin, Gail Joon Ahn

Research output: Contribution to journalArticlepeer-review

21 Scopus citations

Abstract

The Internet provides tremendous connectivity and information sharing capability which organizations can use for their competitive advantage. However, we still observe security challenges in Internet-based applications, especially in terms of their limited support for controlled access to organizational resources and information for unknown} users. Roles can be a convenient construct for expressing entitled privileges and trust degree alike, based upon which further specification of responsibility and capability is made so as to facilitate trust-based authorization for such an environment. In this article, we design a role-based privilege and trust management by leveraging a role-based trust model and a privilege management infrastructure, as an attempt to develop an easy-to-use, flexible, and interoperable authorization mechanism for unknown users. Also, we demonstrate the feasibility of our mechanism by providing a proof-of-concept prototype implementation using commercial off-the-shelf technologies.

Original languageEnglish (US)
Pages (from-to)401-410
Number of pages10
JournalComputer Systems Science and Engineering
Volume20
Issue number6
StatePublished - Nov 1 2005
Externally publishedYes

Keywords

  • Privilege management
  • Role-based access control
  • Trust management

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint

Dive into the research topics of 'Role-based privilege and trust management'. Together they form a unique fingerprint.

Cite this