AmTRUE: Authentication Management and Trusted Role-based Authorization in Multi-Application and Multi-User Environment

The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007) Pub Date : 2007-10-14 DOI:10.1109/SECUREWARE.2007.4385336

S. Fugkeaw, P. Manpanpanich, S. Juntapremjitt

{"title":"AmTRUE: Authentication Management and Trusted Role-based Authorization in Multi-Application and Multi-User Environment","authors":"S. Fugkeaw, P. Manpanpanich, S. Juntapremjitt","doi":"10.1109/SECUREWARE.2007.4385336","DOIUrl":null,"url":null,"abstract":"This paper proposes a hybrid model of an authentication technique and a role based access control (RBAC) based on X.509 public key certificate and attribute certificate. With attribute certificate the user role is bound to an identity of the public key certificate in which the permissions are assigned to the holder. A mapping model of RBAC authorization and authentication is presented. In addition, we also deal with the issue of system service disruption and recovery as well as an activity-based policy. With our proposed model, the full authentication, authorization, and accountability (AAA) are supported. We apply the multi agent system concept to facilitate the authentication and the authorization based on the PKI infrastructure. Finally, the project called AmTRUE (authentication management and trusted role-based authorization in multi-application and multi-user environment) has been developed to implement our research idea.","PeriodicalId":257937,"journal":{"name":"The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECUREWARE.2007.4385336","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

Abstract

This paper proposes a hybrid model of an authentication technique and a role based access control (RBAC) based on X.509 public key certificate and attribute certificate. With attribute certificate the user role is bound to an identity of the public key certificate in which the permissions are assigned to the holder. A mapping model of RBAC authorization and authentication is presented. In addition, we also deal with the issue of system service disruption and recovery as well as an activity-based policy. With our proposed model, the full authentication, authorization, and accountability (AAA) are supported. We apply the multi agent system concept to facilitate the authentication and the authorization based on the PKI infrastructure. Finally, the project called AmTRUE (authentication management and trusted role-based authorization in multi-application and multi-user environment) has been developed to implement our research idea.

查看原文本刊更多论文

AmTRUE:多应用和多用户环境下的身份验证管理和基于可信角色的授权

提出了一种基于X.509公钥证书和属性证书的身份验证技术和基于角色的访问控制(RBAC)的混合模型。使用属性证书，用户角色绑定到将权限分配给持有者的公钥证书的标识。提出了一种RBAC授权与认证的映射模型。此外，我们还处理系统服务中断和恢复问题，以及基于活动的策略。使用我们建议的模型，支持完整的身份验证、授权和责任(AAA)。在PKI基础上，采用多代理系统的概念来实现身份验证和授权。最后，开发了AmTRUE(多应用和多用户环境下基于可信角色的身份验证管理和授权)项目来实现我们的研究思想。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007)

自引率

0.00%

发文量