Sciweavers

ICDCS
2002
IEEE

dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments

14 years 4 months ago
dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments
Distributed Role-Based Access Control (dRBAC) is a scalable, decentralized trust-management and accesscontrol mechanism for systems that span multiple administrative domains. dRBAC utilizes PKI identities to define trust domains, roles to define controlled activities, and role delegation across domains to represent permissions to these activities. The mapping of controlled actions to roles enables their namespaces to serve as policy roots. dRBAC distinguishes itself from previous approaches by providing three features: (1) third-party delegation of roles from outside a domain’s namespace, relying upon an explicit delegation of assignment; (2) modulation of transferred permissions using scalar valued attributes associated with roles; and (3) continuous monitoring of trust relationships over long-lived interactions. This paper describes the dRBAC model and its scalable implementation using a graph approach to credential discovery and validation.
Eric Freudenthal, Tracy Pesin, Lawrence Port, Edwa
Added 14 Jul 2010
Updated 14 Jul 2010
Type Conference
Year 2002
Where ICDCS
Authors Eric Freudenthal, Tracy Pesin, Lawrence Port, Edward Keenan, Vijay Karamcheti
Comments (0)