Credentialed Secure Communication Switchboards""

Freudenthal, Eric; Port, Lawrence; Keenan, Edward; Pesin, Tracy; Karamcheti, Vijay

doi:10.21236/ada440577

Cited by 5 publications

(13 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Advanced role-based access control systems, such as GRBAC [2] and dRBAC [9], and lawgoverned interaction [15], provide more expressive and flexible policy-based access control than traditional ACLs and capabilities, but do not handle conflicts and disagreements, where negotiation would be required.…”

Section: Related Workmentioning

confidence: 99%

Negotiating Agreements Using Policies in Ubiquitous Computing Scenarios

Venkatraman

Eustice

Reiher

2007

IEEE International Conference on Service-Oriented Computing and Applications (SOCA '07)

View full text Add to dashboard Cite

show abstract

Section: Related Workmentioning

confidence: 99%

Negotiating Agreements Using Policies in Ubiquitous Computing Scenarios

Venkatraman

Eustice

Reiher

2007

IEEE International Conference on Service-Oriented Computing and Applications (SOCA '07)

View full text Add to dashboard Cite

show abstract

“…Switchboard The Switchboard [7] library provides a trusted substrate for secure and authorized inter-component communication. Switchboard coalition partnerships are secure, authenticated, continuously authorized connections whose communication channels are monitored when the communication channel uses an external network.…”

Section: Authorization-and Liveness-aware Inter-component Communicationmentioning

confidence: 99%

“…The design of some of the underlying abstractions have been described in detail elsewhere [6,7], but not as part of a larger system. Our goal in this paper is to describe the overall DisCo application model, the set of abstractions we believe are necessary to support this model conveniently, and the lessons we have learned from developing applications on top of this middleware.…”

Section: Introductionmentioning

confidence: 99%

DisCo: middleware for securely deploying decomposable services in partly trusted environments

Freudenthal

Karamcheti

2004

24th International Conference on Distributed Computing Systems, 2004. Proceedings.

View full text Add to dashboard Cite

show abstract

“…DisCo also includes a novel abstraction called the Switchboard, which provides applications with the ability to create credentialed, secure connections with the same programming effort as might be required in a completely secure environment. The overall DisCo architecture and the Switchboard abstraction are described in additional detail elsewhere [9,10].…”

Section: Sponsoring/monitoring Agency Name(s) and Address(es) 10 Spomentioning

confidence: 99%

“…We have implemented a centralized dRBAC system that responds to trust-relationship queries generated by our DisCo infrastructure. Our current implementation is Java-based and uses Java RMI (Remote Method Invocation) and secure sockets implemented using our Switchboard [10] abstraction for inter-host communication. We are in the process of developing a distributed implementation of dRBAC.…”

Section: Implementation Statusmentioning

confidence: 99%

dRBAC: distributed role-based access control for dynamic coalition environments

Freudenthal

Pesin

Port

et al.

Proceedings 22nd International Conference on Distributed Computing Systems

131

View full text Add to dashboard Cite

Distributed Role-Based Access Control (dRBAC) is a scalable, decentralized trust-management and access-control mechanism for systems that span multiple administrative domains. dRBAC represents controlled actions in terms of roles, which are defined within the trust domain of one entity and can be transitively delegated to other roles within a different trust domain. dRBAC utilizes PKI to identify all entities engaged in trust-sensitive operations and to validate delegation certificates. The mapping of roles to authorized name spaces obviates the need to identify additional policy roots. dRBAC distinguishes itself from previous trust management and role-based access control approaches in its support for three features: (1) third-party delegations, which improve expressiveness by allowing an entity to delegate roles outside its namespace when authorized by an explicit delegation of assignment; (2) valued attributes, which modulate transferred access rights via mechanisms that assign and manipulate numerical values associated with roles; and (3) credential subscriptions, which enable continuous monitoring of established trust relationships using a pub/sub infrastructure to track the status of revocable credentials. This paper describes the dRBAC model, its scalable implementation using a graph-based model of credential discovery and validation, and its application in a larger security context.

show abstract

Credentialed Secure Communication Switchboards""

Cited by 5 publications

References 9 publications

Negotiating Agreements Using Policies in Ubiquitous Computing Scenarios

Negotiating Agreements Using Policies in Ubiquitous Computing Scenarios

DisCo: middleware for securely deploying decomposable services in partly trusted environments

dRBAC: distributed role-based access control for dynamic coalition environments

Contact Info

Product

Resources

About