Beta 1


Title Rolebase Access Control On Top Of KeyNote
Author Mustafa, Rebaz
Supervisor Jensen, Christian D. (Embedded Systems Engineering, Department of Informatics and Mathematical Modeling, Technical University of Denmark, DTU, DK-2800 Kgs. Lyngby, Denmark)
Institution Technical University of Denmark, DTU, DK-2800 Kgs. Lyngby, Denmark
Thesis level Master's thesis
Year 2010
Abstract Executing privileged operations by a specific user has always been considered as an important part of controlling access to data or service. Authorizing users in an enterprise system, is considered as a very complex process and the classic access control mechanisms provides poor solution with low scalability. Role based Access Control [1] has been introduced to address the problem of scalability in access control policy specification. In this manner the Role based Access Control focuses on groups with the defined roles, instead of looking at single user’s privileges. Although the scalability of access control policy specification is largely solved by RBAC, there is a critical issue in the enforceme mechanism because most RBAC mechanism are centralized. This centralization leads to the bottleneck and limits that is known in RBAC. KeyNote [RFC 2704][2] has been introduced as a general decentralized access control mechanism, which means that KeyNote is application independent. KeyNote is a trust management system that helps applications with the decision for giving access to a requester to perform a dangerous operation. The main goal of this thesis is to investigate the enforcement of Role Based Access Control policies on trust management system such as KeyNote. The aim is to develop a general method of mapping RBAC policies into KeyNote assertions. Developing a prototype implementation will be considered as a part of the thesis to demonstrate the feasibility of the mentioned approach.
Imprint Technical University of Denmark (DTU) : Kgs. Lyngby, Denmark
Series IMM-M.Sc.-2010-82
Fulltext
Original PDF ep10_82.pdf (0.72 MB)
Admin Creation date: 2010-10-19    Update date: 2010-10-19    Source: dtu    ID: 268058    Original MXD