1.
|
Authorization Recycling in Hierarchical RBAC Systems
/ Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu
[LERSSE-RefJnlPaper-2009-014]
As distributed applications increase in size and complexity, traditional authorization architectures based on a dedicated authorization server become increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...]
Published in Q. Wei, J. Crampton, K. Beznosov, M. Ripeanu, “Authorization Recycling in Hierarchical RBAC Systems,” to appear in ACM Transactions on Information and System Security (TISSEC), 32 pages, preprint.:
Transfer from CDS 0.99.7: PDF;
|
2.
|
Towards Improving the Availability and Performance of Enterprise Authorization Systems
/ Qiang Wei
[LERSSE-THESIS-2009-006]
Authorization protects application resources by allowing only authorized entities to access them. [...]
Published in Qiang Wei, "Towards Improving the Availability and Performance of Enterprise Authorization Systems," PhD dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, October, 2009, pp.141.:
Transfer from CDS 0.99.7: PDF;
|
3.
|
Authorization Recycling in RBAC Systems
/ Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu
[LERSSE-PRESENTATION-2009-079]
As distributed applications increase in size and complexity, traditional authorization mechanisms based on a single policy decision point are increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...]
Published in Qiang Wei, Jason Crampton, Konstantin Beznosov, and Matei Ripeanu, “Authorization Recycling in RBAC Systems,” in the Proceedings of the 13th ACM Symposium on Access Control Models and Technologies (SACMAT’08), Estes Park, Colorado, 11-13 June, 2008, pp.63-72.:
Transfer from CDS 0.99.7: PDF;
|
4.
|
Cooperative Secondary Authorization Recycling
/ Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2008-005]
As enterprise systems, Grids, and other distributed applications scale up and become increasingly complex, their authorization infrastructures—based predominantly on the request-response paradigm—are facing challenges of fragility and poor scalability. [...]
Published in Qiang Wei, Matei Ripeanu, and Konstantin Beznosov, "Cooperative Secondary Authorization Recycling," IEEE Transactions on Parallel and Distributed Systems, vol. 20 n.2, February 2009, pp.275-288.:
Transfer from CDS 0.99.7: PDF;
|
5.
|
Cooperative Secondary Authorization Recycling
/ Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov
[LERSSE-REPORT-2008-026]
As enterprise systems, Grids, and other distributed applications scale up and become increasingly complex, their authorization infrastructures---based predominantly on the request-response paradigm---are facing challenges of fragility and poor scalability. [...]
Published in Qiang Wei, Matei Ripeanu, and Konstantin Beznosov, "Cooperative Secondary Authorization Recycling," Tech. Rep. LERSSE-TR-2008-02, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, April 2008.:
Transfer from CDS 0.99.7: PDF;
|
6.
|
Authorization Recycling in RBAC Systems
/ Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu
[LERSSE-RefConfPaper-2008-026]
As distributed applications increase in size and complexity, traditional authorization mechanisms based on a single policy decision point are increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...]
Published in Qiang Wei, Jason Crampton, Konstantin Beznosov, and Matei Ripeanu. Authorization recycling in RBAC systems. In SACMAT '08: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, Estes Park, Colorado, USA, June 11-13 2008, pp. 63-72. :
Transfer from CDS 0.99.7: PDF;
|
7.
|
Cooperative Secondary Authorization Recycling
/ Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov
[LERSSE-PRESENTATION-2007-063]
As distributed applications such as Grid and enterprise systems scale up and become increasingly complex, their authorization infrastructures—based predominantly on the request-response paradigm—are facing challenges in terms of fragility and poor scalability [...]
Published in Qiang Wei, Matei Ripeanu, and Konstantin Beznosov, "Cooperative Secondary Authorization Recycling," presented at the 16th Symposium on High Performance Distributed Computing (HPDC'07), June 27, 2007, Monterey, California, USA. pp.24. :
Transfer from CDS 0.99.7: PDF;
|
8.
|
Cooperative Secondary Authorization Recycling
/ Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov
[LERSSE-RefConfPaper-2007-022]
As distributed applications such as Grid and enterprise systems scale up and become increasingly complex, their authorization infrastructures—based predominantly on the request-response paradigm—are facing challenges in terms of fragility and poor scalability. [...]
Published in Qiang Wei, Matei Ripeanu, and Konstantin Beznosov, "Cooperative Secondary Authorization Recycling," in Proceedings of the 16th Symposium on High Performance Distributed Computing (HPDC'07), June 25–29, 2007, Monterey, California, USA. pp.65-74:
Transfer from CDS 0.99.7: PDF;
|
9.
|
The Secondary and Approximate Authorization Model and its Application to Bell-LaPadula Policies
/ Jason Crampton ; Wing Leung ; Konstantin Beznosov
[LERSSE-RefConfPaper-2006-017]
We introduce the concept, model, and policy-specific algorithms for inferring new access control decisions from previous ones. [...]
Published in Jason Crampton, Wing Leung, Konstantin Beznosov "The Secondary and Approximate Authorization Model and its Application to Bell-LaPadula Policies," In Proceedings of the ACM Symposium on Access Control Models and Technologies (SACMAT), Lake Tahoe, California, USA, ACM, 7-9 June, 2006, pp.111-120.:
Transfer from CDS 0.99.7: PDF;
|
10.
|
Flooding and Recycling Authorizations
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2005-018]
The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures with security enforcement logic obtaining decisions from the authorization servers through remote procedure calls. [...]
Published in Konstantin Beznosov, "Flooding and Recycling Authorizations," presentation given at the New Security Paradigms Workshop (NSPW), Lake Arrowhead, CA, USA, 22 September, 2005, pp.25. :
Transfer from CDS 0.99.7: PDF;
|