Zhang, N. and Yao, L. and Nenadic, A. and Chin, J. and Goble, C. and Rector, A. and Chadwick, David W. and Otenko, S. and Shi, Q. (2007) Achieving Fine-grained Access Control in Virtual Organisations. Concurrency and Computation: Practice and Experience, 19 (9). pp. 1333-1352. ISSN 1532-0626.
|
Download (587Kb)
|
![[img]](http://kar.kent.ac.uk/style/images/fileicons/application_pdf.png)
|
|
| Official URL http://dx.doi.org/10.1002/cpe.1099 |
||
Abstract
In a virtual organization environment, where services and data are provided and shared amongorganizations from different administrative domains and protected with dissimilar security policies and measures, there is a need for a flexible authentication framework that supports the use of various authentication methods and tokens. The authentication strengths derived from the authentication methods and tokens should be incorporated into an access-control decision-making process, so that more sensitive resources are available only to users authenticated with stronger methods. This paper reports our ongoingefforts in designing and implementing such a framework to facilitate multi-level and multi-factor adaptive authentication and authentication strength linked fine-grained access control. The proof-ofconcept prototype is designed and implemented in the Shibboleth and PERMIS infrastructures, which specifies protocols to federate authentication and authorization information and provides a policy-driven, role-based, access- control decision-making capability.
| Item Type: | Article |
|---|---|
| Additional information: | Available from http://www3.interscience.wiley.com/cgi-bin/fulltext/113392827/PDFSTART |
| Uncontrolled keywords: | authentication; authorization; virtual organization; Shibboleth; PERMIS; smart tokens |
| Subjects: | Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming, |
| Divisions: | Faculties > Science Technology and Medical Studies > School of Computing > Security Group |
| Depositing User: | Mark Wheadon |
| Date Deposited: | 24 Nov 2008 18:05 |
| Last Modified: | 06 Sep 2011 01:37 |
| Resource URI: | http://kar.kent.ac.uk/id/eprint/14581 (The current URI for this page, for reference purposes) |
- Depositors only (login required):
