Title :
Attribute support for inter-domain use
Author :
Zurko, Mary Ellen
Author_Institution :
Lab. for Comput. Sci., MIT, Littleton, MA, USA
Abstract :
This paper describes the user attribute service (UAS), a tool providing the storage and management of application-specific per-user security attributes for applications running in a distributed environment. The UAS provides for the security and integrity of attribute-to-user bindings, as well as the secrecy of those bindings, if the application or user requests it. Four goals of the UAS are support of least privilege, local control and autonomy, instantiation of trust relationships, and psychological acceptability. Mechanisms to group and enable privilege attributes support the least privilege principal at the user request level. Functions are designed to enhance the usability of the UAS within and across domains by attribute holders and security managers
Keywords :
data integrity; distributed processing; security of data; application-specific per-user security attributes; attribute support; autonomy; instantiation; integrity; inter-domain use; local control; psychological acceptability; security; storage and management; support of least privilege; trust relationships; user attribute service; Application software; Authentication; Authorization; Computer science; Computer security; Environmental management; Information security; Psychology; Technology management; Usability;
Conference_Titel :
Computer Security Foundations Workshop V, 1992. Proceedings.
Conference_Location :
Franconia, NH
Print_ISBN :
0-8186-2850-2
DOI :
10.1109/CSFW.1992.236777
