||Rolebase Access Control On Top Of KeyNote
||Jensen, Christian D. (Embedded Systems Engineering, Department of Informatics and Mathematical Modeling, Technical University of Denmark, DTU, DK-2800 Kgs. Lyngby, Denmark)
||Technical University of Denmark, DTU, DK-2800 Kgs. Lyngby, Denmark
||Executing privileged operations by a specific user has always been
considered as an important part of controlling access to data or service.
Authorizing users in an enterprise system, is considered as a
very complex process and the classic access control mechanisms provides
poor solution with low scalability.
Role based Access Control  has been introduced to address the
problem of scalability in access control policy specification. In this
manner the Role based Access Control focuses on groups with the
defined roles, instead of looking at single user’s privileges.
Although the scalability of access control policy specification is largely
solved by RBAC, there is a critical issue in the enforceme mechanism
because most RBAC mechanism are centralized. This centralization
leads to the bottleneck and limits that is known in RBAC.
KeyNote [RFC 2704] has been introduced as a general decentralized
access control mechanism, which means that KeyNote is application
independent. KeyNote is a trust management system that
helps applications with the decision for giving access to a requester
to perform a dangerous operation.
The main goal of this thesis is to investigate the enforcement of Role
Based Access Control policies on trust management system such as
KeyNote. The aim is to develop a general method of mapping RBAC
policies into KeyNote assertions. Developing a prototype implementation
will be considered as a part of the thesis to demonstrate the
feasibility of the mentioned approach.
||Technical University of Denmark (DTU) : Kgs. Lyngby, Denmark
Creation date: 2010-10-19
Update date: 2010-10-19