Title :
Towards flexible authorization management
Author :
Argyroudis, Patroklos G. ; Mahony, Donal O.
Author_Institution :
Dept. of Comput. Sci., Dublin Univ., Ireland
Abstract :
During the last years there have been a lot of proposals in the literature for systems that attempt to manage the process of trust establishment. However, the engineering details related to the exchange and negotiation of authorization credentials have not received similar attention. Existing solutions like SSL/TLS and IPsec have limitations that minimize their applicability. In this paper we propose a new protocol, the authorization exchange protocol (AXP), that provides a modular and extensible solution to this problem. It is situated between the application and the network layers acting as an authorization middleware component and handles the process of transmitting and receiving service access requests and replies, along with the credentials that are required to support them. In order to allow its use in securing delay sensitive applications, AXP has been designed to work over unreliable datagram transport protocols. We also present a case study and evaluate the performance of our proposal.
Keywords :
authorisation; telecommunication security; transport protocols; authorization credentials; authorization exchange protocol; authorization middleware component; datagram transport protocols; delay sensitive applications; flexible authorization management; network layers; service access requests; trust establishment; Access control; Access protocols; Authorization; Computer science; Computer security; Data security; Delay; Proposals; Public key; Transport protocols;
Conference_Titel :
Computers and Communications, 2005. ISCC 2005. Proceedings. 10th IEEE Symposium on
Print_ISBN :
0-7695-2373-0
DOI :
10.1109/ISCC.2005.146
