Secure Authorisation Agent for Cross-Domain Access Control in a Mobile Computing Environment

New portable computers and wireless communication technologies have significantly enhanced mobile computing. The emergence of network technology that supports user mobility and universal network access has prompted new requirements and concerns, especially in the aspects of access control and security. In this paper, we propose a new approach using authorisation agents for cross-domain access control in a mobile computing environment. Our framework consists of three main components, namely centralised authorisation servers, authorisation tokens and authorisation agents. An infrastructure of centralised authorisation servers and application servers from different domains is proposed for supporting trust propagation to mobile hosts instantaneously. While the authorisation token is a form of static capability, the authorisation agent on the client side can be regarded as a dynamic capability to provide the functionality in client-server interactions. It works collaboratively with remote servers to provide authorisation service with finer access granularity and higher flexibility.

[1]  Paul Ashley,et al.  Practical Intranet Security , 1999, Springer US.

[2]  Giovanni Vigna,et al.  Cryptographic Traces for Mobile Agents , 1998, Mobile Agents and Security.

[3]  Rolf Oppliger Security issues related to mobile code and agent-based systems , 1999, Comput. Commun..

[4]  Paul Ashley,et al.  Cross-domain one-shot authorization using smart cards , 2000, CCS.

[5]  J. C. Byington,et al.  Mobile agents and security , 1998, IEEE Commun. Mag..

[6]  George C. Necula,et al.  Safe, Untrusted Agents Using Proof-Carrying Code , 1998, Mobile Agents and Security.

[7]  Vijay Varadharajan Security enhanced mobile agents , 2000, CCS.

[8]  Yves Deswarte,et al.  An authorization scheme for distributed object systems , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[9]  G. Tsudik,et al.  Authentication of mobile users , 1994, IEEE Network.

[10]  Christian F. Tschudin,et al.  Towards mobile cryptography , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[11]  Paul Ashley,et al.  Automated cross-organisational trust establishment on extranets , 2001 .