企业级分布式系统中的授权:一种实际设计与应用

Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI:10.1109/CSAC.1998.738614

V. Varadharajan, C. Crall, J. Pato

{"title":"企业级分布式系统中的授权:一种实际设计与应用","authors":"V. Varadharajan, C. Crall, J. Pato","doi":"10.1109/CSAC.1998.738614","DOIUrl":null,"url":null,"abstract":"As companies migrate from a centralized to a distributed computing environment, the administration and management of security policies, in particular authorization policies, is becoming an increasingly difficult task. The paper considers the design of an authorization system that is suitable for distributed applications. It discusses the architectural design principles, describes the constructs of the authorization policy language and outlines the authorization service and components involved. The paper gives some example policy specifications and illustrates how privileges are specified and evaluated, as well as how privilege resolutions are achieved.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"24","resultStr":"{\"title\":\"Authorization in enterprise-wide distributed system: a practical design and application\",\"authors\":\"V. Varadharajan, C. Crall, J. Pato\",\"doi\":\"10.1109/CSAC.1998.738614\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As companies migrate from a centralized to a distributed computing environment, the administration and management of security policies, in particular authorization policies, is becoming an increasingly difficult task. The paper considers the design of an authorization system that is suitable for distributed applications. It discusses the architectural design principles, describes the constructs of the authorization policy language and outlines the authorization service and components involved. The paper gives some example policy specifications and illustrates how privileges are specified and evaluated, as well as how privilege resolutions are achieved.\",\"PeriodicalId\":426526,\"journal\":{\"name\":\"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1998-12-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"24\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSAC.1998.738614\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSAC.1998.738614","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 24

摘要

随着公司从集中式计算环境迁移到分布式计算环境，安全策略(特别是授权策略)的管理和管理正变得越来越困难。本文考虑设计一种适合分布式应用的授权系统。本文讨论了体系结构设计原则，描述了授权策略语言的构造，并概述了授权服务和所涉及的组件。本文给出了一些示例策略规范，并说明了如何指定和评估特权，以及如何实现特权解析。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Authorization in enterprise-wide distributed system: a practical design and application

As companies migrate from a centralized to a distributed computing environment, the administration and management of security policies, in particular authorization policies, is becoming an increasingly difficult task. The paper considers the design of an authorization system that is suitable for distributed applications. It discusses the architectural design principles, describes the constructs of the authorization policy language and outlines the authorization service and components involved. The paper gives some example policy specifications and illustrates how privileges are specified and evaluated, as well as how privilege resolutions are achieved.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)

自引率

0.00%

发文量