A Resource Access Decision Service for CORBA-based Distributed Systems

Konstantin Beznosov ; Yi Deng ; Bob Blakley ; Carol Burt ; John Barkley

16 October 2005

Abstract: Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent from a particular access control policy and from factors that are used in authorization decisions as well as access control models, no matter how dynamic those polices and factors are. It also enables elaborate and consistent access control policies across heterogeneous systems. We present design of a service for re-source access authorization in distributed systems. The service enables to decouple authorization logic from application functionality. Although the described service is based on CORBA technology, the design approach can be successfully used in any distributed computing environment.

Keyword(s): Engineering Security Mechanisms ; RAD ; Resource Access Decision ; CORBA ; access control ; authorization service

Published in: Konstantin Beznosov, Yi Deng, Bob Blakley, Carol Burt, John Barkley, "A Resource Access Decision Service for CORBA-based Distributed Systems," in Proceedings of the Annual Computer Security Applications Conference (ACSAC), Phoenix, Arizona, U.S.A., 6-10 December, 1999, pp.310-319.:

The record appears in these collections:
Engineering Security Mechanisms
Refereed Conference Papers

 Record created 2009-04-27, last modified 2013-05-22

Transfer from CDS 0.99.7:
Download fulltext

Rate this document:

Rate this document:
(Not yet reviewed)