Abstract
For an efficient role based access control using attribute certificate, we use a technique of structuring role specification certificates. It can reduce management cost and overhead incurred when changing the specification of the role. Especially, the highly distributed computing environments that cannot have global or broad control need another attribute certificate management technique. In this paper, the roles are grouped and made them into the relation tree. In order to be scalable distribution of the role specification certificate, we use multicasting packets. Also, performance enhancement of structuring role specification certificates is quantified in the sense of taking into account of the packet loss. In the experimental section, it is shown that role updating and distribution are secured and efficient.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Ferraiolo, D.F., Sandhu, R., Bavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and System Security 4(3), 224–274 (2001)
ITI (Information Technology Industry Council), Role Based Access Control ITU/T. Recommendation X.509, ISO/IEC 9594-8, Information Technology Open Systems Interconnection - The Directory: Public-Key and Attribute Certificate Frameworks (2003)
English, C., Nixon, P., Terzis, S., McGetrtrick, A., Lowe, H.: Dynamic Trust Models for Ubiquitous Computing Environments. In: Workshop on Security in Ubiquitous Computing (2002)
Farrell, S., Housley, R.: An Internet Attribute Certificate Profile for Authorization. IETF RFC 3281 (2002)
Yang, S.: Role Based Access Control Supporting Coherent Caching of Privilege Delegation Which Utilizes Group Key. The Journal of Suwon Information Technology 3 (2004)
Joshi, J.B.D., Bertino, E., Ghafoor, A.: Temporal hierarchies and inheritance semantics for GTRBAC. In: Proceedings of the seventh ACM symposium on Access control models and technologies, Monterey, California, USA, pp. 74–83 (2002)
Goldberg, A., Buff, R., Schmitt, A.: Secure Web Server Performance Dramatically Improved by Caching SSL Session Keys. In: Workshop on Internet Server Performance held in conjunction with SIGMETRICS 1998 (1998)
Setia, S., Zhu, S., Jajodia, S.: A Comparative Performance Analysis of Reliable Group Rekey Transport Protocols for Secure Multicast. In: Proc. of the Performance (2002)
Rafaeli, S., Hutchison, D.: A Survey of Key Management for Secure Group Communication. ACM Computing Surveys 35(3) (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yang, S. (2005). An Efficient Access Control Model Utilized the Attribute Certificate Structuring. In: Gorodetsky, V., Kotenko, I., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2005. Lecture Notes in Computer Science, vol 3685. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11560326_41
Download citation
DOI: https://doi.org/10.1007/11560326_41
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29113-8
Online ISBN: 978-3-540-31998-6
eBook Packages: Computer ScienceComputer Science (R0)