Cross-domain access control via PKI

In this note we consider how role-based access control can be managed on a large scale over the Internet and across organizational boundaries. We take a PKI approach, in which users are identified using public key certificates, as are the servers. The main features of our approach are: access contro...

Full description

Saved in:
Bibliographic Details
Main Authors: Denker, G., Millen, J., Miyake, Y.
Format: Conference Proceeding
Language:English
Subjects:
Access control
Computer science
Internet
Laboratories
Large-scale systems
Network servers
Public key
Research and development
Research and development management
Web server
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In this note we consider how role-based access control can be managed on a large scale over the Internet and across organizational boundaries. We take a PKI approach, in which users are identified using public key certificates, as are the servers. The main features of our approach are: access control by (client, role) pair; implied revocation based on the role hierarchy; automatic generation of certificate validity tickets; and certificate chains to prove a client role hierarchy to a server.
DOI:10.1109/POLICY.2002.1011308