Achieving Fine-grained Access Control in Virtual Organisations

Zhang, N. and Yao, L. and Nenadic, A. and Chin, J. and Goble, C. and Rector, A. and Chadwick, David W. and Otenko, S. and Shi, Q. (2007) Achieving Fine-grained Access Control in Virtual Organisations. Concurrency and Computation: Practice and Experience, 19 (9). pp. 1333-1352. ISSN 1532-0626. (Full text available)

PDF
Download (602kB)
[img]
Preview
Official URL
http://dx.doi.org/10.1002/cpe.1099

Abstract

In a virtual organization environment, where services and data are provided and shared amongorganizations from different administrative domains and protected with dissimilar security policies and measures, there is a need for a flexible authentication framework that supports the use of various authentication methods and tokens. The authentication strengths derived from the authentication methods and tokens should be incorporated into an access-control decision-making process, so that more sensitive resources are available only to users authenticated with stronger methods. This paper reports our ongoingefforts in designing and implementing such a framework to facilitate multi-level and multi-factor adaptive authentication and authentication strength linked fine-grained access control. The proof-ofconcept prototype is designed and implemented in the Shibboleth and PERMIS infrastructures, which specifies protocols to federate authentication and authorization information and provides a policy-driven, role-based, access- control decision-making capability.

Item Type: Article
Additional information: Available from http://www3.interscience.wiley.com/cgi-bin/fulltext/113392827/PDFSTART
Uncontrolled keywords: authentication; authorization; virtual organization; Shibboleth; PERMIS; smart tokens
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Faculties > Science Technology and Medical Studies > School of Computing > Security Group
Depositing User: Mark Wheadon
Date Deposited: 24 Nov 2008 18:05
Last Modified: 06 Sep 2011 01:37
Resource URI: http://kar.kent.ac.uk/id/eprint/14581 (The current URI for this page, for reference purposes)
  • Depositors only (login required):

Downloads

Downloads per month over past year