Using X.509 attribute certificates for role-based EAM

Dongwan Shin, Gail Joon Ahn, Sangrae Cho

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In this paper, we describe an experiment of designing and implementing a rolebased extranet access management (EAM) by leveraging role-based access control (RBAC) and X.S09 attribute certificates for scalable and interoperable authorization. Compared with previous works in this area, we show that our approach can overcome the problems of previous solutions and broaden RBAC's applicability into large-scale networks. The components for role administration are defined and a security architecture is discussed. We also demonstrate the feasibility of our approach through a proof-of-concept implementation. Several issues from our experiment are briefly discussed as well.

Original languageEnglish (US)
Title of host publicationResearch directions in Data and Applications Security - IFIP TC11/WG11.3 16th Annual Conference on Data and Applications Security
PublisherSpringer New York LLC
Pages49-60
Number of pages12
ISBN (Print)9781475764130
DOIs
StatePublished - 2003
Externally publishedYes
EventIFIP TC11/WG11.3 16th Annual Conference on Data and Applications Security - Cambridge, United Kingdom
Duration: Jul 28 2002Jul 31 2002

Publication series

NameIFIP Advances in Information and Communication Technology
Volume128
ISSN (Print)1868-4238

Other

OtherIFIP TC11/WG11.3 16th Annual Conference on Data and Applications Security
CountryUnited Kingdom
CityCambridge
Period7/28/027/31/02

Keywords

  • Access control
  • Attribute certificate
  • Privilege management infrastructure
  • Role-based access control

ASJC Scopus subject areas

  • Information Systems
  • Computer Networks and Communications
  • Information Systems and Management

Fingerprint Dive into the research topics of 'Using X.509 attribute certificates for role-based EAM'. Together they form a unique fingerprint.

  • Cite this

    Shin, D., Ahn, G. J., & Cho, S. (2003). Using X.509 attribute certificates for role-based EAM. In Research directions in Data and Applications Security - IFIP TC11/WG11.3 16th Annual Conference on Data and Applications Security (pp. 49-60). (IFIP Advances in Information and Communication Technology; Vol. 128). Springer New York LLC. https://doi.org/10.1007/978-0-387-35697-6_5