How Role Based Access Control is Implemented in SESAME
نویسندگان
چکیده
In this paper we want to share our experiences with implementing a scheme that enforces role based access control in a distributed, heterogeneous computing environment. This work was done in the framework of the EC-RACE project SESAME (A Secure European System in A Multivendor Environment). The SESAME project relies on the work done by ECMA (European Computer Manufacturers Association) to represent the credentials of the users and fully supports the GSS-API to help the application developers. We conclude that enforcing such a scheme is realistic and that writing applications, that benefit from the advantages of role based access control, is very feasible. We have built several demonstration applications.
منابع مشابه
83-10-20 Role-Based Access Control in Real Systems
Role-based access control can be used to support the real-world access control requirements of a distributed system. This article describes a role model as used in the context of a distributed security infrastructure such as SESAME or OSF/DCE security. It is based on practical experience in the use of roles in real product and shows how role-based access control benefits both the user and the s...
متن کاملRemote Hospital Reform in the Context of Australian Health Care Reforms
Public hospitals play an important role in the delivery of essential healthcare in Australia as in many countries. The Australian Government has in the recent years implemented national healthcare reform to improve the performance of and access to public hospital services. This reform extends to all public hospitals including remote hospitals. However, there is limited information on how reform...
متن کاملDynamic Context-aware Access Control for Grid Applications
OF THE THESIS Dynamic Context Aware Access Control for Grid Applications by Guangsen Zhang Thesis Director: Professor Manish Parashar While the primary objective of Grid Computing is to facilitate the sharing of resource and service spanning across largely distributed and heterogeneous system, the success deployment of Grid infrastructure will make lots of applications possible. The application...
متن کاملUsing SESAME's GSS-API to add Security to Unix Applications
SESAME is a security architecture that starts from the Kerberos protocol and adds to it public-key based authentication, role based access control, delegation of rights and an extensive auditing facility. SESAME provides the GSSAPI for securing applications and this paper describes our efforts in securing some of the most important Unix applications using SESAME: telnet, the BSD rtools and the ...
متن کاملSecure Smart Homes using Jini and UIUC SESAME
In this paper, we discuss our approach to constructing a dynamic and secure “Smart Home” environment and tackling the challenges associated with it. “Tiny UIUC SESAME” is a lightweight Java-implementation of a subset of SESAME. SESAME is an extension to Kerberos that supports public key technologies, access control, and delegation of access rights. We discuss our Tiny UIUC SESAME and how it cou...
متن کامل