Distributed RBAC system based on proxy attribute certificates

Using attribute certificates can manage users of RBAC models in distributed system efficiently;the signature in certificate guarantees the validity of the certificate.While the entire work of validating and publishing certificates done by system manager,the task is heavy,so bring out bottleneck in large distributed application.Designing a certificate structure and its proxy publishing based on traceable proxy signature,not merely scattered the task of manager,publisher and proxy signatures can't abuse their power,attackers can not forge certificate and imitate user.In this way,solve the problem of manager's efficiency,and improve the efficiency and security of RBAC system as well.