{"title":"具有跨管理域高可用性、支持sso的分布式RBAC模型","authors":"S. Juntapremjitt, S. Fugkeaw, P. Manpanpanich","doi":"10.1109/WAINA.2008.175","DOIUrl":null,"url":null,"abstract":"This paper proposes a novel design and implementation of distributed RBAC (dRBAC) and single sign-on (SSO) system that spans over multiple administrative domains with high availability. The core idea is based on multi-agent systems (MAS) technique owing to its modularity, autonomy, distributedness, flexibility, and scalability. All agents serve their specific purposes. Leveraging agents simplifies high availability. PKI is used for trust enablement between intra- and inter-domain agent communications. The security assertion markup language (SAML) is adopted for supporting the exchange of authentication and authorization information in the architecture. The approach supports strong two-factor authentication with X.509 digital certificate. The authorization scheme is based on the privilege management infrastructure (PMI). Finally, we reported our extended implementation status and demonstrated that our proposed model is efficient and flexible to implement in the multiple SSO and PKI domains.","PeriodicalId":170418,"journal":{"name":"22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008)","volume":"51 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"An SSO-Capable Distributed RBAC Model with High Availability across Administrative Domain\",\"authors\":\"S. Juntapremjitt, S. Fugkeaw, P. Manpanpanich\",\"doi\":\"10.1109/WAINA.2008.175\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper proposes a novel design and implementation of distributed RBAC (dRBAC) and single sign-on (SSO) system that spans over multiple administrative domains with high availability. The core idea is based on multi-agent systems (MAS) technique owing to its modularity, autonomy, distributedness, flexibility, and scalability. All agents serve their specific purposes. Leveraging agents simplifies high availability. PKI is used for trust enablement between intra- and inter-domain agent communications. The security assertion markup language (SAML) is adopted for supporting the exchange of authentication and authorization information in the architecture. The approach supports strong two-factor authentication with X.509 digital certificate. The authorization scheme is based on the privilege management infrastructure (PMI). Finally, we reported our extended implementation status and demonstrated that our proposed model is efficient and flexible to implement in the multiple SSO and PKI domains.\",\"PeriodicalId\":170418,\"journal\":{\"name\":\"22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008)\",\"volume\":\"51 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-03-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WAINA.2008.175\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WAINA.2008.175","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An SSO-Capable Distributed RBAC Model with High Availability across Administrative Domain
This paper proposes a novel design and implementation of distributed RBAC (dRBAC) and single sign-on (SSO) system that spans over multiple administrative domains with high availability. The core idea is based on multi-agent systems (MAS) technique owing to its modularity, autonomy, distributedness, flexibility, and scalability. All agents serve their specific purposes. Leveraging agents simplifies high availability. PKI is used for trust enablement between intra- and inter-domain agent communications. The security assertion markup language (SAML) is adopted for supporting the exchange of authentication and authorization information in the architecture. The approach supports strong two-factor authentication with X.509 digital certificate. The authorization scheme is based on the privilege management infrastructure (PMI). Finally, we reported our extended implementation status and demonstrated that our proposed model is efficient and flexible to implement in the multiple SSO and PKI domains.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
