Role-based Access Control on the Web Using LDAP
Abstract
This paper gives a framework for how to leverage Lightweight Directory Access Protocol (LDAP) to implement Role-based Access Control (RBAC) on the Web in the server-pull architecture. LDAP-based directory services have recently received much attention because they can support object-oriented hierarchies of entries in which we can easily search and modify attributes over TCP/IP. To implement RBAC on the Web, we use an LDAP directory server as a role server that contains users' role information. The role information in the role server is referred to by Web servers for access control purposes through LDAP in a secure manner (over SSL). We provide a comparison of this work to our previous work, RBAC on the Web in the user-pull architecture.
Similar resources
Secure Information Sharing Using Attribute Certificates and Role Based Access Control
In this paper, we explore the issues involved with the design and rapid deployment of large scale secure information sharing (SIS) systems for coordination involved with multiple agencies. Procedures and tools were developed for setting up quickly the public key infrastructure (PKI) and privilege management infrastructure (PMI) for the multi-agency SIS systems. A multi-agency SIS testbed based ...
Using Ontologies to Mitigate LDAP Deficiencies
Semantic technology powered access control schemes have been recently proposed to enhance the flexibility of role-based access control (RBAC) and its variants. These access control mechanisms depend heavily on rich, contextual data sourced from an identity attribute store. Unfortunately, most identity stores in use today use the Lightweight Directory Access Protocol (LDAP) representational sche...
Detection of Lightweight Directory Access Protocol Query Injection Attacks in Web Applications
The Lightweight Directory Access Protocol (LDAP) is a common protocol used in organizations for Directory Service. LDAP is popular because of its features such as representation of data objects in hierarchical form, being open source and relying on TCP/IP, which is necessary for Internet access. However, with LDAP being used in a large number of web applications, different types of LDAP injecti...
Spotlight LDAP: Framework, Practices, and Trends
A directory service is a searchable database repository that lets authorized users and services find information related to people, computers, network devices, and applications. Given the increasing need for information — particularly over the Internet — directory popularity has grown over the last decade and is now a common choice for distributed applications. The Lightweight Directory Access...
Edge Caching for Directory Based Web Applications: Algorithms and Performance
In this paper, a dynamic content caching framework is proposed for deploying directory based applications at the edge of the network, closer to the client. The framework consists of a Lightweight Directory Access Protocol (LDAP) directory cache and the offloaded application running at a proxy. The LDAP directory cache is an enhanced LDAP proxy server which stores results and semantic informatio...
Publication date: 2001