{"title":"特权管理基础架构下使用属性证书实现内网安全","authors":"Pi-Ju Tsai, Dwen-Ren Tsai, Wen-Pin Tai","doi":"10.1109/CCST.2005.1594859","DOIUrl":null,"url":null,"abstract":"In the computerized organizations, the public key infrastructure (PKI) certifications enforce authentication services providing stronger security. The PKI provides a framework to verify the identity of each entity in a given domain. The PKI framework includes mechanisms of requesting, issuing, signing, and validating public-key certificates. The privilege management infrastructure (PMI) framework determines whether the entity is authorized to access specific resources. It includes the issuance and validation of attribute certificates. Public-key certificates are certificates for trusting public-key, while attribute certificates are certificates for trusting privilege attribute. In the practical cases, when the system identifies a user's identity, it allocates the right permissions to the resources to the user according to the roles he/she played. This permission control mechanism is called the role-based access control (RBAC). This paper addresses an efficient privilege management mechanism, based on PMI and RBAC, to achieve the information security objectives of non-repudiation, integrity, and security. A security model is built to solve problems of privilege management and duty delegation.","PeriodicalId":411051,"journal":{"name":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Intranet Security using Attribute Certificates under the Privilege Management Infrastructure\",\"authors\":\"Pi-Ju Tsai, Dwen-Ren Tsai, Wen-Pin Tai\",\"doi\":\"10.1109/CCST.2005.1594859\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the computerized organizations, the public key infrastructure (PKI) certifications enforce authentication services providing stronger security. The PKI provides a framework to verify the identity of each entity in a given domain. The PKI framework includes mechanisms of requesting, issuing, signing, and validating public-key certificates. The privilege management infrastructure (PMI) framework determines whether the entity is authorized to access specific resources. It includes the issuance and validation of attribute certificates. Public-key certificates are certificates for trusting public-key, while attribute certificates are certificates for trusting privilege attribute. In the practical cases, when the system identifies a user's identity, it allocates the right permissions to the resources to the user according to the roles he/she played. This permission control mechanism is called the role-based access control (RBAC). This paper addresses an efficient privilege management mechanism, based on PMI and RBAC, to achieve the information security objectives of non-repudiation, integrity, and security. A security model is built to solve problems of privilege management and duty delegation.\",\"PeriodicalId\":411051,\"journal\":{\"name\":\"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology\",\"volume\":\"32 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCST.2005.1594859\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2005.1594859","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Intranet Security using Attribute Certificates under the Privilege Management Infrastructure
In the computerized organizations, the public key infrastructure (PKI) certifications enforce authentication services providing stronger security. The PKI provides a framework to verify the identity of each entity in a given domain. The PKI framework includes mechanisms of requesting, issuing, signing, and validating public-key certificates. The privilege management infrastructure (PMI) framework determines whether the entity is authorized to access specific resources. It includes the issuance and validation of attribute certificates. Public-key certificates are certificates for trusting public-key, while attribute certificates are certificates for trusting privilege attribute. In the practical cases, when the system identifies a user's identity, it allocates the right permissions to the resources to the user according to the roles he/she played. This permission control mechanism is called the role-based access control (RBAC). This paper addresses an efficient privilege management mechanism, based on PMI and RBAC, to achieve the information security objectives of non-repudiation, integrity, and security. A security model is built to solve problems of privilege management and duty delegation.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
