The Internet provides tremendous connectivity and immense information sharing capability which the organizations can use for their competitive advantage. However, we still observe security challenges in Internet-based applications that demand a unified mechanism for both managing the authentication of users across enterprises and implementing business rules for determining user access to enterprise applications and their resources. These business rules are utilized for privilege management or authorization in a security context. In this paper, we design a role-based privilege management leveraging access control models and X.509 attribute certificate. We attempt to develop an easy-to-use, flexible, and interoperable authorization mechanism. Also, we demonstrate the feasibility of our architecture by providing the proof-of-concept prototype implementation using commercial off-the-shelf technologies.
|Original language||English (US)|
|Number of pages||10|
|Journal||Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)|
|State||Published - Dec 1 2004|
ASJC Scopus subject areas
- Theoretical Computer Science
- Computer Science(all)