Home > CSC-OpenAccess Library > Manuscript Information
EXPLORE PUBLICATIONS BY COUNTRIES |
 |
 |
EUROPE |
|
MIDDLE EAST |
|
ASIA |
|
AFRICA |
| ............................. | |
|
United States of America |
|
United Kingdom |
|
Canada |
|
Australia |
|
Italy |
|
France |
|
Brazil |
|
Germany |
|
Malaysia |
|
Turkey |
|
China |
|
Taiwan |
|
Japan |
|
Saudi Arabia |
|
Jordan |
|
Egypt |
|
United Arab Emirates |
|
India |
|
Nigeria |
Authentication and Authorization Models
More V.N
Pages - 72 - 84 | Revised - 31-03-2011 | Published - 04-04-2011
MORE INFORMATION
KEYWORDS
PKI, PMI, Kerberos, An Improved Trust Model, X.509 Standard
ABSTRACT
In computer science distributed systems could be more secured with a distributed trust model based on either PKI or Kerberos. However, it becomes difficult to establish trust relationship across heterogeneous domains due to different actual trust mechanism and security policy as well as the intrinsic flaw of each trust model. Since Internet has been used commonly in information systems technologies, many applications need some security capabilities to protect against threats to the communication of information. Two critical procedures of these capabilities are authentication and authorization. This report presents a strong authentication and authorization model using three standard frameworks. They are PKI, PMI, and Directory. The trust in this approach is enabled by the use of public key infrastructure (PKI) which is applied for client two-factor authentication and secures the infrastructure. We introduce the preventive activity-based authorization policy for dynamic user privilege controls. It helps prevent successive unauthorized requests in a formal manner. At the core, we apply the Multi-Agent System (MAS) concept to facilitate the authentication and the authorization process in order to work with multi-applications and multi-clients more dynamically and efficiently.
| 1 | Aye, N., Khin, H. S., Win, T. T., KoKo, T., Than, M. Z., Hattori, F., & Kuwabara, K. (2013). Multi-domain public key infrastructure for information security with use of a multi-agent system. In Intelligent Information and Database Systems (pp. 365-374). Springer Berlin Heidelberg. |
| 1 | Google Scholar  |
| 2 | Academic Journals Database |
| 3 | CiteSeerX |
| 4 | refSeek |
| 5 | iSEEK |
| 6 | Scribd |
| 7 | SlideShare |
| 8 | PdfSR |
| An Internet Attribute Certificate Profile for Authorization URL: http://search.ietf.org/internet -drafts/draft-ietf-pkix-ac509prof-09.txt | |
| An X.509 Role-based Privilege Management Infrastructure URL: www.permis.org/files/article1_chadwick.pdf | |
| ASTM E2595 - 07 Standard Guide for Privilege Management Infrastructure. URL: http://www.astm.org/Standards/E2595.htm | |
| Authentication, Authorization and Accounting URL: www.infosectoday.com/Articles/Authentication.html | |
| Bellovin S M, Merritt M. Limitation of the Kerberos authentication system [A].Proceedings of the Winter 1991 Usenix Conference [C]. 1991. | |
| Burr W E. Public Key Infrastructure (PKI) Technical Specifications: Part A-Technical Concept of Operations: [WORKING Draft] TWG-98- 59. Federal PKI Technical Working Group. Sep. 1998 | |
| Certificate Revocation in Public Key Infrastructures URL: http://www.sans.org/infosecFAQ/encryption/cert _rev.htm | |
| Guan Zhen-sheng, Publication Key Infrastructure PKI and the applications. Beijing: Publishing House of Electronics Industry. 2008.1 | |
| Internet X.509 Public Key Infrastructure Certificate and CRL Profile URL: http://search.ietf.org/internet -drafts/draft-ietf-pkix-new-part1-09.txt | |
| Kerberos and Authentication URL: http://web.mit.edu/kerberos/#what_is | |
| Netscape Directory Server Administration Guide URL: http://home.netscape.com/eng/server/directory/3.0/ag/contents.html | |
| Neuman C. RFC 1510, The Kerberos Network Authentication Service (V5) [S]. 1993. | |
| Recommendation X.509 and ISO 9594-8, Information Processing System – Open Systems Interconnection - The Directory - Authentication Framework, 1988. URL: http://csrc.nist.gov/nissc/1996/papers/NISSC96/paper075/paper.pdf. | |
| Role of PKI URL: www.windowsecurity.com/.../Understanding_the_Role_of_the_PKI.html | |
| S. Chokhani (CygnaCom) & W. Ford (VeriSign, Inc.) Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework URL: http://www.i etf.org/rfc/rfc2527.txt | |
| Strong authentication and authorization models URL: www.sans.org/.../strong-authentication-authorization-model-pki-pmi- directory_747 | |
| Thompson MR, Olson D, Cowles R, Mullen S, Helm M. CA-Based trust model for grid authentication and identity delegation. In: Proc. of the GGF7. 2003. | |
| Tips for LDAP users URL: http://www.ymtech.co.kr/ref/java/jnditutorial -may1/ldap/index.html | |
| Wen Tei-hua, Gu Shi-wen, An improved method of enhancing Kerberos protocol security, Journal of China Institute of Communications, Vol 25 No 6. June 2004, pp. 76-79. | |
| X.509 4th edition: Overview of PKI & PMI Frameworks (Entrust, Inc.) URL: http://www.entrust.com/resources/pdf/509_overview.pdf | |
| [X.509] CCITT Recommendation X.509, The Directory: Authentication Framework, 1997 | |
Dr. More V.N
- India
vickymore12@gmail.com
|
|
|
|
| View all special issues >> | |
|
|
