Authorization in Enterprise-Wide Distributed System: A Practical Design and Application
نویسندگان
چکیده
As companies migrate from a centralized to a distributed computing environment, the administration and management of security policies, in particular authorization policies, is becoming an increasingly difficult task. This paper considers the design of an authorization system that is suitable for distributed applications. It discusses the architectural design principles, describes the constructs of the authorization policy language and outlines the authorization service and components involved. The paper gives some examples policy specifications and illustrates how privileges are specified and evaluated as well as how privilege resolutions are achieved.
منابع مشابه
Simplifying Enterprise Wide Authorization Management Through Distribution of Concerns and Responsibilities
Authentication lets a system know who you are, while authorization controls your resources access rights and what operations you are allow to perform. Resources have owners to whom the resources belong to. The owner knows best who is allowed to access her resources at any one time. Distribution of concerns and responsibilities can be effectively used for efficient management of enterprise wide ...
متن کاملAn Integrated Solution for Secure Group Communication in Wide-Area Networks
Many distributed applications require a secure reliable group communication system to provide coordination among the application components. This paper describes a secure group layer (SGL) which bundles a reliable group communication system, a group authorization and access control mechanism, and a group key agreement protocol to provide a comprehensive and practical secure group communication ...
متن کاملAccess control in ultra-large-scale systems using a data-centric middleware
The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between sub-systems is increased, achieving more scalable and dynamic access control system becomes an im...
متن کاملAdvance and Green Manufacturing Technology Adoption: Classification and Literature Review of Issues
Purpose – The actual benefits of the AMT solidarity to the manufacturing system, classified as systemic, will only be acquired and identified if the current design and organizational structure become matchable with the change being introduced. The purpose of this paper is to present a review for the organizational design development related to AMT assumption and the green manufacturing (GM) inv...
متن کاملRobust Distributed Source Coding with Arbitrary Number of Encoders and Practical Code Design Technique
The robustness property can be added to DSC system at the expense of reducing performance, i.e., increasing the sum-rate. The aim of designing robust DSC schemes is to trade off between system robustness and compression efficiency. In this paper, after deriving an inner bound on the rate–distortion region for the quadratic Gaussian MDC based RDSC system with two encoders, the structure of...
متن کامل