Secure Information Sharing Using Attribute Certificates and Role Based Access Control

The World Wide Web (WWW) has become part of the way in which we transfer information, and security and authorization have become concerns when sharing critical information. Role-based access control (RBAC) provides some flexibility in security management. Public key infrastructure (PKI) can provide strong authentication. Privilege management infrastructure (PMI), as a new technology, can provide strong authorization. To satisfy these security requirements, we have established a role-based access control infrastructure and developed a prototype that uses X.509 public key certificates (PKCs) and attribute certificates (ACs). In this paper we explore the use of attribute certificates with RBAC to support large-scale secure information sharing. We use LDAP servers for storing ACs and PKCs to provide authentication and authorization services for Web services. The proposed scheme has many advantages that satisfy the needs of inter-organization information sharing using attribute certification.
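
The following sketch is an added illustration, not code from the paper's prototype. It models the access decision the abstract outlines: an AC is bound to its holder's PKC by issuer name and serial number, carries a role, and is checked for integrity, binding and validity before the role is mapped to permissions. Assumptions: an HMAC stands in for the attribute authority's public-key signature, a dict stands in for the LDAP directory, and all names, roles and resources are hypothetical.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace
from datetime import datetime, timezone

# Constructed demo key; a real AC carries the issuer's public-key signature.
AA_KEY = b"constructed-demo-key"
# Hypothetical RBAC policy: role -> permitted (operation, resource) pairs.
ROLE_PERMISSIONS = {
    "analyst": {("read", "/reports")},
    "manager": {("read", "/reports"), ("write", "/reports")},
}

@dataclass(frozen=True)
class AttributeCert:
    holder_issuer: str   # issuer name of the holder's PKC
    holder_serial: int   # serial number of the holder's PKC
    role: str
    not_before: datetime
    not_after: datetime
    signature: bytes = b""

    def tbs(self) -> bytes:  # everything the issuer's signature covers
        return "|".join((self.holder_issuer, str(self.holder_serial), self.role,
                         self.not_before.isoformat(), self.not_after.isoformat())).encode()

def issue(ac: AttributeCert) -> AttributeCert:
    return replace(ac, signature=hmac.new(AA_KEY, ac.tbs(), hashlib.sha256).digest())

def authorize(pkc_issuer, pkc_serial, directory, op, resource, now) -> bool:
    """Access decision for a user whose PKC has already been authenticated."""
    for ac in directory.get((pkc_issuer, pkc_serial), []):
        expected = hmac.new(AA_KEY, ac.tbs(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, ac.signature):
            continue  # altered, or not issued by the attribute authority
        if (ac.holder_issuer, ac.holder_serial) != (pkc_issuer, pkc_serial):
            continue  # AC is bound to a different PKC
        if not ac.not_before <= now <= ac.not_after:
            continue  # outside its validity period
        if (op, resource) in ROLE_PERMISSIONS.get(ac.role, set()):
            return True
    return False

def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)
# Constructed sample: a dict stands in for the LDAP directory that stores ACs.
ALICE = ("CN=Demo CA", 1001)
ALICE_AC = issue(AttributeCert(*ALICE, "analyst", utc(2024, 1, 1), utc(2024, 12, 31)))
DIRECTORY = {ALICE: [ALICE_AC]}
```

Because the role lives in a separately issued AC, changing or expiring a user's role does not require reissuing the PKC used for authentication.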