An SSO-Capable Distributed RBAC Model with High Availability across Administrative Domain

22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008) Pub Date : 2008-03-25 DOI:10.1109/WAINA.2008.175

S. Juntapremjitt, S. Fugkeaw, P. Manpanpanich

{"title":"An SSO-Capable Distributed RBAC Model with High Availability across Administrative Domain","authors":"S. Juntapremjitt, S. Fugkeaw, P. Manpanpanich","doi":"10.1109/WAINA.2008.175","DOIUrl":null,"url":null,"abstract":"This paper proposes a novel design and implementation of distributed RBAC (dRBAC) and single sign-on (SSO) system that spans over multiple administrative domains with high availability. The core idea is based on multi-agent systems (MAS) technique owing to its modularity, autonomy, distributedness, flexibility, and scalability. All agents serve their specific purposes. Leveraging agents simplifies high availability. PKI is used for trust enablement between intra- and inter-domain agent communications. The security assertion markup language (SAML) is adopted for supporting the exchange of authentication and authorization information in the architecture. The approach supports strong two-factor authentication with X.509 digital certificate. The authorization scheme is based on the privilege management infrastructure (PMI). Finally, we reported our extended implementation status and demonstrated that our proposed model is efficient and flexible to implement in the multiple SSO and PKI domains.","PeriodicalId":170418,"journal":{"name":"22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008)","volume":"51 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WAINA.2008.175","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

Abstract

This paper proposes a novel design and implementation of distributed RBAC (dRBAC) and single sign-on (SSO) system that spans over multiple administrative domains with high availability. The core idea is based on multi-agent systems (MAS) technique owing to its modularity, autonomy, distributedness, flexibility, and scalability. All agents serve their specific purposes. Leveraging agents simplifies high availability. PKI is used for trust enablement between intra- and inter-domain agent communications. The security assertion markup language (SAML) is adopted for supporting the exchange of authentication and authorization information in the architecture. The approach supports strong two-factor authentication with X.509 digital certificate. The authorization scheme is based on the privilege management infrastructure (PMI). Finally, we reported our extended implementation status and demonstrated that our proposed model is efficient and flexible to implement in the multiple SSO and PKI domains.

查看原文本刊更多论文

具有跨管理域高可用性、支持sso的分布式RBAC模型

本文提出了一种跨多个管理域、具有高可用性的分布式RBAC (dRBAC)和单点登录(SSO)系统的新设计和实现。其核心思想是基于多智能体系统(MAS)技术，具有模块化、自主性、分布式、灵活性和可扩展性。所有代理都有其特定的用途。利用代理简化了高可用性。PKI用于实现域内和域间代理通信之间的信任。采用安全断言标记语言(SAML)来支持体系结构中身份验证和授权信息的交换。该方法支持使用X.509数字证书的强双因素身份验证。授权方案基于特权管理基础设施(PMI)。最后，我们报告了我们的扩展实现状态，并证明了我们提出的模型在多个SSO和PKI域中的实现是高效和灵活的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008)

自引率

0.00%

发文量