Title :
Role-based access control with X.509 attribute certificates
Author :
Chadwick, David W. ; Otenko, Alexander ; Ball, Edward
Author_Institution :
Salford Univ., UK
Abstract :
We adapted the standard X.509 privilege management infrastructure to build an efficient role-based trust management system in which role assignments can be widely distributed among organizations, and an XML-based local policy determines which roles to trust and which privileges to grant. A simple Java API lets target applications easily incorporate the system. The Permis API has already proven its general utility in four very different applications throughout Europe.
Keywords :
application program interfaces; authorisation; computer network management; message authentication; public key cryptography; software standards; Java API; Permis API; X.509 attribute certificates; X.509 privilege management infrastructure; XML-based local policy; role assignments; role-based access control; role-based trust management system; Access control; Application software; Authentication; Authorization; Buildings; Cities and towns; Computer security; Multilevel systems; Permission; Public key;
Journal_Title :
Internet Computing, IEEE
DOI :
10.1109/MIC.2003.1189190
