000000210 001__ 210
000000210 005__ 20130522141949.0
000000210 037__ $$aLERSSE-PRESENTATION-2009-079
000000210 041__ $$afre
000000210 100__ $$aQiang Wei
000000210 245__ $$aAuthorization Recycling in RBAC Systems
000000210 260__ $$c2008-06-30
000000210 300__ $$amult. p
000000210 520__ $$aAs distributed applications increase in size and complexity, traditional authorization mechanisms based on a single policy decision point are increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. Authorization recycling is one technique that has been used to address these challenges. This paper introduces and evaluates the mechanisms for authorization recycling in RBAC enterprise systems. The algorithms that support these mechanisms allow precise and approximate authorization decisions to be made, thereby masking possible failures of the policy decision point and reducing its load. We evaluate these algorithms analytically and using a prototype implementation. Our evaluation results demonstrate that authorization recycling can improve the performance of distributed access control mechanisms.
000000210 6531_ $$aSAAM
000000210 6531_ $$aJAMES
000000210 6531_ $$aAuthorization recycling
000000210 6531_ $$aRBAC
000000210 700__ $$aJason Crampton
000000210 700__ $$aKonstantin Beznosov
000000210 700__ $$aMatei Ripeanu
000000210 8560_ $$fqiangw@ece.ubc.ca
000000210 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/210/files/210.pdf$$yTransfer from CDS 0.99.7
000000210 909C4 $$pQiang Wei, Jason Crampton, Konstantin Beznosov, and Matei Ripeanu, “Authorization Recycling in RBAC Systems,” in the Proceedings of the 13th ACM Symposium on Access Control Models and Technologies (SACMAT’08), Estes Park, Colorado, 11-13 June, 2008, pp.63-72.
000000210 980__ $$aPRESENTATION