Using X.509 attribute certificates for role-based EAM

Dongwan Shin, Gail-Joon Ahn, Sangrae Cho

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In this paper, we describe an experiment of designing and implementing a rolebased extranet access management (EAM) by leveraging role-based access control (RBAC) and X.S09 attribute certificates for scalable and interoperable authorization. Compared with previous works in this area, we show that our approach can overcome the problems of previous solutions and broaden RBAC's applicability into large-scale networks. The components for role administration are defined and a security architecture is discussed. We also demonstrate the feasibility of our approach through a proof-of-concept implementation. Several issues from our experiment are briefly discussed as well.

Original languageEnglish (US)
Title of host publicationIFIP Advances in Information and Communication Technology
PublisherSpringer New York LLC
Pages49-60
Number of pages12
Volume128
ISBN (Print)9781475764130
DOIs
StatePublished - 2003
Externally publishedYes
EventIFIP TC11/WG11.3 16th Annual Conference on Data and Applications Security - Cambridge, United Kingdom
Duration: Jul 28 2002Jul 31 2002

Publication series

NameIFIP Advances in Information and Communication Technology
Volume128
ISSN (Print)18684238

Other

OtherIFIP TC11/WG11.3 16th Annual Conference on Data and Applications Security
CountryUnited Kingdom
CityCambridge
Period7/28/027/31/02

Fingerprint

Extranet
Role-based access control
Experiment
Authorization

Keywords

  • Access control
  • Attribute certificate
  • Privilege management infrastructure
  • Role-based access control

ASJC Scopus subject areas

  • Information Systems and Management

Cite this

Shin, D., Ahn, G-J., & Cho, S. (2003). Using X.509 attribute certificates for role-based EAM. In IFIP Advances in Information and Communication Technology (Vol. 128, pp. 49-60). (IFIP Advances in Information and Communication Technology; Vol. 128). Springer New York LLC. https://doi.org/10.1007/978-0-387-35697-6

Using X.509 attribute certificates for role-based EAM. / Shin, Dongwan; Ahn, Gail-Joon; Cho, Sangrae.

IFIP Advances in Information and Communication Technology. Vol. 128 Springer New York LLC, 2003. p. 49-60 (IFIP Advances in Information and Communication Technology; Vol. 128).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Shin, D, Ahn, G-J & Cho, S 2003, Using X.509 attribute certificates for role-based EAM. in IFIP Advances in Information and Communication Technology. vol. 128, IFIP Advances in Information and Communication Technology, vol. 128, Springer New York LLC, pp. 49-60, IFIP TC11/WG11.3 16th Annual Conference on Data and Applications Security, Cambridge, United Kingdom, 7/28/02. https://doi.org/10.1007/978-0-387-35697-6
Shin D, Ahn G-J, Cho S. Using X.509 attribute certificates for role-based EAM. In IFIP Advances in Information and Communication Technology. Vol. 128. Springer New York LLC. 2003. p. 49-60. (IFIP Advances in Information and Communication Technology). https://doi.org/10.1007/978-0-387-35697-6
Shin, Dongwan ; Ahn, Gail-Joon ; Cho, Sangrae. / Using X.509 attribute certificates for role-based EAM. IFIP Advances in Information and Communication Technology. Vol. 128 Springer New York LLC, 2003. pp. 49-60 (IFIP Advances in Information and Communication Technology).
@inproceedings{60963bc9867348c7ab8fe8da2fddcee9,
title = "Using X.509 attribute certificates for role-based EAM",
abstract = "In this paper, we describe an experiment of designing and implementing a rolebased extranet access management (EAM) by leveraging role-based access control (RBAC) and X.S09 attribute certificates for scalable and interoperable authorization. Compared with previous works in this area, we show that our approach can overcome the problems of previous solutions and broaden RBAC's applicability into large-scale networks. The components for role administration are defined and a security architecture is discussed. We also demonstrate the feasibility of our approach through a proof-of-concept implementation. Several issues from our experiment are briefly discussed as well.",
keywords = "Access control, Attribute certificate, Privilege management infrastructure, Role-based access control",
author = "Dongwan Shin and Gail-Joon Ahn and Sangrae Cho",
year = "2003",
doi = "10.1007/978-0-387-35697-6",
language = "English (US)",
isbn = "9781475764130",
volume = "128",
series = "IFIP Advances in Information and Communication Technology",
publisher = "Springer New York LLC",
pages = "49--60",
booktitle = "IFIP Advances in Information and Communication Technology",

}

TY - GEN

T1 - Using X.509 attribute certificates for role-based EAM

AU - Shin, Dongwan

AU - Ahn, Gail-Joon

AU - Cho, Sangrae

PY - 2003

Y1 - 2003

N2 - In this paper, we describe an experiment of designing and implementing a rolebased extranet access management (EAM) by leveraging role-based access control (RBAC) and X.S09 attribute certificates for scalable and interoperable authorization. Compared with previous works in this area, we show that our approach can overcome the problems of previous solutions and broaden RBAC's applicability into large-scale networks. The components for role administration are defined and a security architecture is discussed. We also demonstrate the feasibility of our approach through a proof-of-concept implementation. Several issues from our experiment are briefly discussed as well.

AB - In this paper, we describe an experiment of designing and implementing a rolebased extranet access management (EAM) by leveraging role-based access control (RBAC) and X.S09 attribute certificates for scalable and interoperable authorization. Compared with previous works in this area, we show that our approach can overcome the problems of previous solutions and broaden RBAC's applicability into large-scale networks. The components for role administration are defined and a security architecture is discussed. We also demonstrate the feasibility of our approach through a proof-of-concept implementation. Several issues from our experiment are briefly discussed as well.

KW - Access control

KW - Attribute certificate

KW - Privilege management infrastructure

KW - Role-based access control

UR - http://www.scopus.com/inward/record.url?scp=84904360267&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84904360267&partnerID=8YFLogxK

U2 - 10.1007/978-0-387-35697-6

DO - 10.1007/978-0-387-35697-6

M3 - Conference contribution

AN - SCOPUS:84904360267

SN - 9781475764130

VL - 128

T3 - IFIP Advances in Information and Communication Technology

SP - 49

EP - 60

BT - IFIP Advances in Information and Communication Technology

PB - Springer New York LLC

ER -