Abstract
In the age of information technology, organizations of all types are seeking to effectively utilize and disseminate information via dependable and secure distributed computing environments. While many existing access control approaches (mandatory, discretionary, and role-based) can be leveraged for the support of security, their assumptions of a centralized computing model may be insufficient in a distributed setting. In recent years, agent computing has emerged as a new computing paradigm, particularly suited to distributed and web-based applications. This paper explores the ability of software agents to support role-based security in a dynamic, object-based setting which is suitable for distributed and web-based applications, with experimental prototypes using Aglets, a Java-based mobile agent model from IBM. The agent approaches differ in their utilization of agents (stationary and mobile) and the granularity level of the involved classes/objects.
The work in this paper has been partially supported by a contract from the Mitre Corporation (Eatontown, NJ) and AFOSR research grant F49620-99-1-0244.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35508-5_22
Chapter PDF
Similar content being viewed by others
References
Demurjian, S. and Ting, T.C. (1997). Towards a definitive paradigm for security in object-oriented systems and applications. Journal. of Computer Security, 5(4).
Demurjian, S., Ting, T.C. and Reisner, J. (1998). Software architectural alternatives for user role-based security policies. Database Security, XI, Status and Prospects (eds. T. Y. Lin and X. Qian ), Chapman Hall.
Genesereth, M. and Ketchpel, S. (1994). Software agents. Communications of the ACM, 37(7).
Hale, J. et al. (1996). A framework for high assurance security of distributed objects. Proceedings of Tenth IFIP WG11.3 Working Conf. on Database Security, Como, Italy.
Hale,J. et al. (1998). Programmable security for object-oriented systems, Proceedings of the Twelfth IFIP WG11.3 Working Conference on Database Security, Chalkidiki, Greece.
Karjoth, G., Lange, D. and Oshima, M. (1997). A security model for aglets”, IEEE Internet Computing, 1(4).
Keefe, T. et al. (1988). A multilevel security model for object-oriented systems. Proceedings of the Eleventh National Computer Security Conference.
Landwehr, C. et al. (1984). A security model for military message systems. ACM Transactions on Computer Systems, 2(3).
Lange, D. and Oshima, M. (1998). Programming and Deploying Java Mobile Agents with Aglets,Addison-Wesley.
Lochovsky, F.H. and Woo, C.C. (1988). Role-based security in data base management systems. Database Security: Status and Prospects (ed. C. Landwehr ), North-Holland.
Sandhu, R. et al. (1996). Role-Based Access Control Models. IEEE Computer, 29(2).
Smarkusky, D., Demurjian, S., Ting, T.C. and Bastarrica, C. (1999). Role-based security and Java. Database Security, XII: Status and Prospects (ed. S. Jajodia ), Kluwer.
Tari, Z. (1998) Designing security agents for DOK federated system. Database Security, XI, Status and Prospects (eds. T. Y. Lin and X. Qian ), Chapman Hall.
www.trl.ibm.co.jp/aglets/
www.metica.com/HSL/Projects/Concordia
www.generalmagic.com/techno1ogy.techno1ogy.html
www.objectspace.com/voyager
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Demurjian, S., He, Y., Ting, T.C., Saba, M. (2000). Software Agents for Role Based Security. In: Atluri, V., Hale, J. (eds) Research Advances in Database and Information Systems Security. IFIP — The International Federation for Information Processing, vol 43. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35508-5_6
Download citation
DOI: https://doi.org/10.1007/978-0-387-35508-5_6
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-6411-6
Online ISBN: 978-0-387-35508-5
eBook Packages: Springer Book Archive