Abstract
To meet the authorization administration requirements in a distributed computer network environment, this paper extends the role-based access control model with multiple application dimensions and establishes a new access control model ED-RBAC(Extended Role Based Access Control Model) for the distributed environment. We propose an extendable hierarchical authorization assignment framework and design effective role-registering, role-applying and role-assigning protocol with symmetric and asymmetric cryptographic systems. The model can be used to simplify authorization administration in a distributed environment with multiple applications.
Similar content being viewed by others
References
Sun X R, Wang Y M (1999) Authentication and key distribution protocol for distributed computer environment.Chinese Journal of Computers, 22(6) (in Chinese)
Duan S J, Hong F, Luo T (2003) Secure interoperable authorization model of multi-domain application.Journal of Huazhong University of Science and Technology (Natural Science Edition), 31 (11) (in Chinese)
Wang Y, Lu Y (2000) Distributed access control using authorization certificates.Computer Engineering & Science, 22(6) (in Chinese)
Jiang X H, Wan C Y, Chen K S (2002) Distributed access control using SPKI delegation certificates.Research & Development, (1) (in Chinese)
Qiao Y, Xu D, Dai G Z (2000) A new role-based access control model and its implementation mechanism.Journal of Computer Research & Development, 37 (1) (in Chinese)
Fan C Y, Yin X L, Duan S J (2003) The design and implementation of access control on B/S system.Network & Computer Security, (4) (in Chinese)
Park J S, Sandhu R (2001) Role-based access control on the Web.ACM Transactions on Information and System Security, 4(1):37–71
Tan Q, Huang L (2002) The principle and implementation of PMI.Computer Engineering, 28(8) (in Chinese)
Ahn G J, Sandhu R (2000) Role-based authorization constraints specification.ACM Transactions on Information and System Security, 3(4):207–226
Author information
Authors and Affiliations
About this article
Cite this article
Sujuan, D., Fan, H. & Xinhua, L. Authorization administration in a distributed multi-application environment. Geo-spat. Inf. Sci. 7, 303–307 (2004). https://doi.org/10.1007/BF02828557
Received:
Issue Date:
DOI: https://doi.org/10.1007/BF02828557