MMM-ACNS 2005: Computer Network Security pp 466-471 | Cite as

An Efficient Access Control Model Utilized the Attribute Certificate Structuring

  • Soomi Yang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3685)

Abstract

For an efficient role based access control using attribute certificate, we use a technique of structuring role specification certificates. It can reduce management cost and overhead incurred when changing the specification of the role. Especially, the highly distributed computing environments that cannot have global or broad control need another attribute certificate management technique. In this paper, the roles are grouped and made them into the relation tree. In order to be scalable distribution of the role specification certificate, we use multicasting packets. Also, performance enhancement of structuring role specification certificates is quantified in the sense of taking into account of the packet loss. In the experimental section, it is shown that role updating and distribution are secured and efficient.

This is a preview of subscription content, log in to check access.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Ferraiolo, D.F., Sandhu, R., Bavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and System Security 4(3), 224–274 (2001)CrossRefGoogle Scholar
  2. 2.
    ITI (Information Technology Industry Council), Role Based Access Control ITU/T. Recommendation X.509, ISO/IEC 9594-8, Information Technology Open Systems Interconnection - The Directory: Public-Key and Attribute Certificate Frameworks (2003)Google Scholar
  3. 3.
    English, C., Nixon, P., Terzis, S., McGetrtrick, A., Lowe, H.: Dynamic Trust Models for Ubiquitous Computing Environments. In: Workshop on Security in Ubiquitous Computing (2002)Google Scholar
  4. 4.
    Farrell, S., Housley, R.: An Internet Attribute Certificate Profile for Authorization. IETF RFC 3281 (2002)Google Scholar
  5. 5.
    Yang, S.: Role Based Access Control Supporting Coherent Caching of Privilege Delegation Which Utilizes Group Key. The Journal of Suwon Information Technology 3 (2004)Google Scholar
  6. 6.
    Joshi, J.B.D., Bertino, E., Ghafoor, A.: Temporal hierarchies and inheritance semantics for GTRBAC. In: Proceedings of the seventh ACM symposium on Access control models and technologies, Monterey, California, USA, pp. 74–83 (2002)Google Scholar
  7. 7.
    Goldberg, A., Buff, R., Schmitt, A.: Secure Web Server Performance Dramatically Improved by Caching SSL Session Keys. In: Workshop on Internet Server Performance held in conjunction with SIGMETRICS 1998 (1998)Google Scholar
  8. 8.
    Setia, S., Zhu, S., Jajodia, S.: A Comparative Performance Analysis of Reliable Group Rekey Transport Protocols for Secure Multicast. In: Proc. of the Performance (2002) Google Scholar
  9. 9.
    Rafaeli, S., Hutchison, D.: A Survey of Key Management for Secure Group Communication. ACM Computing Surveys 35(3) (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Soomi Yang
    • 1
  1. 1.The University of SuwonKorea

Personalised recommendations