基于角色的数字内容访问控制方法

Proceedings International Conference on Information Technology: Coding and Computing Pub Date : 2001-04-02 DOI:10.1109/ITCC.2001.918808

E. Weippl

{"title":"基于角色的数字内容访问控制方法","authors":"E. Weippl","doi":"10.1109/ITCC.2001.918808","DOIUrl":null,"url":null,"abstract":"Role-based access control is the state-of-the-art mechanism for restricting access to resources. Today, digital content is distributed via CD-ROMs and the Internet with little or no protection. Using widely available public key cryptography, we propose to extend the paradigm of role-based access control to digital content by encapsulating it into secure document containers. Certification authorities can certify that a specific user belongs to a certain group and can thus be granted access to systems (i.e. document containers) that do not know who the user actually is. Online distribution of one-time keys can be used to avoid various attacks like replays.","PeriodicalId":318295,"journal":{"name":"Proceedings International Conference on Information Technology: Coding and Computing","volume":"54 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2001-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"An approach to role-based access control for digital content\",\"authors\":\"E. Weippl\",\"doi\":\"10.1109/ITCC.2001.918808\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Role-based access control is the state-of-the-art mechanism for restricting access to resources. Today, digital content is distributed via CD-ROMs and the Internet with little or no protection. Using widely available public key cryptography, we propose to extend the paradigm of role-based access control to digital content by encapsulating it into secure document containers. Certification authorities can certify that a specific user belongs to a certain group and can thus be granted access to systems (i.e. document containers) that do not know who the user actually is. Online distribution of one-time keys can be used to avoid various attacks like replays.\",\"PeriodicalId\":318295,\"journal\":{\"name\":\"Proceedings International Conference on Information Technology: Coding and Computing\",\"volume\":\"54 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2001-04-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings International Conference on Information Technology: Coding and Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ITCC.2001.918808\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings International Conference on Information Technology: Coding and Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITCC.2001.918808","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

基于角色的访问控制是限制对资源访问的最先进机制。今天，数字内容通过cd - rom和互联网传播，很少或根本没有保护。使用广泛可用的公钥加密技术，我们建议将基于角色的访问控制范例通过将其封装到安全的文档容器中来扩展到数字内容。证书颁发机构可以证明特定用户属于某个组，因此可以授予对不知道用户实际是谁的系统(即文档容器)的访问权限。一次性密钥的在线分发可以用来避免各种攻击，比如重放。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An approach to role-based access control for digital content

Role-based access control is the state-of-the-art mechanism for restricting access to resources. Today, digital content is distributed via CD-ROMs and the Internet with little or no protection. Using widely available public key cryptography, we propose to extend the paradigm of role-based access control to digital content by encapsulating it into secure document containers. Certification authorities can certify that a specific user belongs to a certain group and can thus be granted access to systems (i.e. document containers) that do not know who the user actually is. Online distribution of one-time keys can be used to avoid various attacks like replays.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings International Conference on Information Technology: Coding and Computing

自引率

0.00%

发文量