Protecting Services with Smartcard-Based Access Control: A Case
Not recorded
Abstract
Technical University Berlin is in the process of issuing smartcards to employees and students and providing a wide range of campus-related services over the internet. Therefore an infrastructure supplying security services like user-authentication, secure connections and access control is necessary. A further goal is the reuse of existing applications and network technology to keep costs reasonably low. This calls for an application-independent, highly flexible security framework. Security measures must also be scalable, since applications operate on different levels of confidentiality. This paper describes the implemented security framework, which uses application level firewalls to implement smartcard-based authentication and a Single-Sign-On (SSO) mechanism. It will be pointed out that such a system will only be maintainable in the future if role-based access control is introduced. The paper describes the migration from a password- to a smartcard-based authentication which will be extended with a role-based access control (RBAC) mechanism in the next step.
Similar resources
Beyond Cryptographic Conditional Access
Conditional access (CA) systems manage chargeable content (e.g., movies). Traditional CA systems use a smartcard as a cryptographic component that decrypts broadcast content for authorized recipients. Since that approach protects content by protecting cryptographic keys, it has two inherent weaknesses: It relies on the smartcard to protect universal secrets (i.e., the broadcast keys); and it ca...
PKI based Access Control with Attribute Certificates for Data held on Smartcards
Common smartcard systems are not capable of providing effective Data Access Control in distributed IT-infrastructures with high configuration dynamics. The crucial points of that approach are resource consumption and inflexibility. The storage capacity of actual smartcards is clearly insufficient to store large certificate databases required by distributed services and applications. The exchang...
Future mobile networks: ad-hoc access based on online payment with smartcards
This paper describes an architecture where access to heterogeneous mobile networks is granted on the basis of online payment using smartcards. Access methods for GSM networks were designed for subscribed post-pay customers. With IN (Intelligent Networks) technology, operators could also offer services to prepay customers. Now, online payment might provide additional means for network access. In...
A Method for Protecting Access Pattern in Outsourced Data
Protecting the information access pattern, which means preventing the disclosure of data and structural details of databases, is very important in working with data, especially in the cases of outsourced databases and databases with Internet access. The protection of the information access pattern indicates that mere data confidentiality is not sufficient and the privacy of queries and accesses...
Measuring Access to Urban Health Services Using Geographical Information System (GIS): A Case Study of Health Service Management in Bandar Abbas, Iran
Background: The current distribution of and access to health services along with the future health needs of the population have prompted wide application of Geographic Information Systems (GISs). During recent years, GIS has been used in public health management for planning and organization of healthcare services. This study investigates geographical accessibility of residential areas in Bandar...