Title :
A resource access decision service for CORBA-based distributed systems
Author :
Beznosov, Konstantin ; Deng, Yi ; Blakley, Bob ; Burt, Carol ; Barkley, John
Author_Institution :
Baptist Health Syst. of South Florida, Miami, FL, USA
Abstract :
Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent of a particular access control policy and from factors that are used in authorization decisions as well as access control models, no matter how dynamic those policies and factors are. It also enables elaborate and consistent access control policies across heterogeneous systems. We present the design of a service for resource access authorization in distributed systems. The service enables one to decouple authorization logic from application functionality. Although the described service is based on CORBA technology, the design approach can be successfully used in any distributed computing environment
Keywords :
authorisation; distributed object management; logic; CORBA-based distributed systems; access control policy; application functionality; application logic; authorization logic; consistency; distributed computing environment; fine-grain access control requirements; heterogeneous systems; resource access decision service; Access control; Authorization; Context modeling; Electrical capacitance tomography; Logic design; Medical services; NIST; Read only memory; Road transportation; Security;
Conference_Titel :
Computer Security Applications Conference, 1999. (ACSAC '99) Proceedings. 15th Annual
Conference_Location :
Phoenix, AZ
Print_ISBN :
0-7695-0346-2
DOI :
10.1109/CSAC.1999.816041
