000000037 001__ 37
000000037 005__ 20130522141947.0
000000037 037__ $$aLERSSE-REPORT-2005-009
000000037 041__ $$aeng
000000037 100__ $$aLuis Espinal
000000037 100__ $$aKonstantin Beznosov
000000037 100__ $$aYi Deng
000000037 245__ $$aDesign and Implementation of Resource Access Decision Server
000000037 260__ $$c2005-10-16
000000037 520__ $$aDecoupling authorization decision logic enables implementation of complex and consistent access control policies across heterogeneous systems. However, this is difficult, if not impossible to implement by exclusively using general-purpose infrastructures such as CORBA Security Service. In response to this limitation of CORBA Security service the Object Management Group (OMG) has adopted a Resource Access Decision (RAD) Facility, an authorization service for distributed systems, as a pre-final standard. By using RAD facility, developers can implement systems with authorization logic decoupled from application-specific logic and decentralized evaluation and administration of the access policies. This report documents the design and implementation of a Resource Access Decision (RAD) facility. The report covers the different components that comprise a RAD system, their designs, functions and interdependencies. The RAD prototype allows studying the validity of the frame-work and conduction of experiments in the research of distributed access control. Since the design of the prototype is heavily influenced by design patterns, the prototype can easily be maintained and augmented with more complex access control mechanisms.
000000037 6531_ $$aAuthorization
000000037 6531_ $$aaccess control
000000037 6531_ $$aresource access decision
000000037 6531_ $$aCORBA
000000037 6531_ $$aJava security
000000037 6531_ $$aauthorization
000000037 6531_ $$asoftware engineering
000000037 6531_ $$adistributed security
000000037 6531_ $$adistributed systems
000000037 6531_ $$aengineering security mechanisms
000000037 8560_ $$fqiangw@ece.ubc.ca
000000037 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/37/files/37.pdf$$yTransfer from CDS 0.99.7
000000037 909C4 $$pLuis Espinal, Konstantin Beznosov, Yi. Deng, "Design and Implementation of Resource Access Decision Server," Center for Advanced Distributed Systems Engineering (CADSE). Florida International University, technical report #2000-01, pp.18$$y21 January, 2000
000000037 980__ $$aREPORT