Certificate based authorization simulation system

Abstract

Using certificates for distributed authorizations in computer network systems has been discussed in the literature. However real implementations of the concept are rarely seen. In our certificate based authorization simulation system (CBASS) project, we prototyped a computer system including some of the emulated functions of an operating system such as machine, user and file management, and emulated applications. These system management functions and applications use certification instead of conventional access control list mechanism for resource access control. It is our purpose to explore a practical way to build the distributed authorization into computer systems in order to solve authorization problems which exist in present open and large distributed computing environments. In this paper, we present our design and implementation of the CBASS.