ROADS: Role-based Authorization and Delegation System
暂无分享,去创建一个
In this paper, we describe the design and implementation of ROADS; a rolebased authorization and delegation system, based on a simple distributed security infrastructure called SPKI/SDSI [1]. We have developed a flexible access control mechanism called FLEXI-ACL that allows us to enforce different kinds of authentication schemes so that it becomes easy for a resource administrator to write/update the security policies. ROADS support the the classical features such as group memberships, threshold certificates etc. supported by SPKI/SDSI framework. The application of our system is illustrated with an experimental integration with the distributed auction systems in achieving the distributed closure time of auctions in a consensus way.
[1] Matthew K. Franklin,et al. The Design and Implementation of a Secure Auction Service , 1996, IEEE Trans. Software Eng..
[2] Ronald L. Rivest,et al. Certificate Chain Discovery in SPKI/SDSI , 2002, J. Comput. Secur..
[3] Sun Meifeng,et al. KeyNote Trust Management System , 2002 .