An abstract authorization system for the Internet

Author

Fernandez, Eduardo B. ; Nair, Krishnakumar R.

Author_Institution

Dept. of Comput. Sci. & Eng., Florida Atlantic Univ., Boca Raton, FL, USA

fYear

1998

fDate

25-28 Aug 1998

Firstpage

310

Lastpage

315

Abstract

Most of the work on Internet security focuses on cryptographic approaches. While valuable, this is not a feasible way to control access to documents. Cryptography can only control secrecy and authentication aspects, but cannot handle different types of access by different users, access to portions of documents, and other content restrictions. A higher-level approach is needed. We present here an authorization model for hypertext documents based on the access matrix. We classify different types of documents, we model these using object-oriented approaches, and we define access policies that specify access to those types of documents. Authorization restrictions can be superimposed on the document class model and on its dynamic model. These authorizations are based on a mandatory version of the access matrix, implementing role-based access control. We consider possible implementation architectures, involving servers and databases

Keywords

Internet; authorisation; cryptography; hypermedia; Internet; Internet security; abstract authorization system; authentication; authorization model; cryptographic approaches; databases; hypertext documents; object-oriented approaches; secrecy; servers; Authentication; Authorization; Computer science; Computer security; Cryptography; Data security; Information security; Internet; Multimedia systems; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Database and Expert Systems Applications, 1998. Proceedings. Ninth International Workshop on

Conference_Location

Vienna

Print_ISBN

0-8186-8353-8

Type

conf

DOI

10.1109/DEXA.1998.707418

Filename

707418