Role-based access control in DCOM

Ahn, Gail-Joon

doi:10.1016/s1383-7621(00)00017-5

Cited by 11 publications

(6 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The work most relevant to ours addresses support for RBAC in middleware. Ahn (2000) outlines a proposal for enforcing RBAC policies for distributed applications that utilize Microsoft's Distributed Component Object Model (DCOM) (Brown & Kindel, 1998;Microsoft, 1998). His proposal employs the following elements of Windows NT's architecture: (1) a registry for storing and maintaining the role hierarchy and permission-to-role assignment (PA); (2) user groups for simulating roles and maintaining user-to-role assignment (UA); and…”

Section: Related Workmentioning

confidence: 99%

“…(3) a custom built security provider that follows the RBAC model to make access control decisions, which are requested and enforced by the DCOM run-time. Since the support for role hierarchy is indicated, but not explained, by Ahn (2000), we assume that the Windows NT registry can be used to encode the hierarchy so that the RBAC security provider can refer to it while making authorization decisions. Similar to the proposals for RBAC support in operating systems, the use of OS user groups for simulating roles enables activation of more than one role.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Analysis of ANSI RBAC Support in EJB

Darwish

Beznosov

2011

International Journal of Secure Software Engineering

View full text Add to dashboard Cite

This paper analyzes access control mechanisms of the Enterprise Java Beans (EJB) architecture and defines a configuration of the EJB protection system in a more precise and less ambiguous language than the EJB 3.0 standard. Using this configuration, the authors suggest an algorithm that formally specifies the semantics of authorization decisions in EJB. The level of support is analyzed for the American National Standard Institute’s (ANSI) specification of Role-Based Access Control (RBAC) components and functional specification in EJB. The results indicate that the EJB specification falls short of supporting even Core ANSI RBAC. EJB extensions dependent on the operational environment are required in order to support ANSI RBAC required components. Other vendor-specific extensions are necessary to support ANSI RBAC optional components. Fundamental limitations exist, however, due to the impracticality of some aspects of the ANSI RBAC standard itself. This paper sets up a framework for assessing implementations of ANSI RBAC for EJB systems.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Analysis of ANSI RBAC Support in EJB

Darwish

Beznosov

2011

International Journal of Secure Software Engineering

View full text Add to dashboard Cite

show abstract

“…The work most relevant to ours addresses support for RBAC in middleware. Ahn [57] outlines a proposal for enforcing RBAC policies for distributed applications that utilize Microsoft's Distributed Component Object Model (DCOM) [29,58]. His proposal employs the following elements of Windows NT's architecture: (1) registry for storing and maintaining the role hierarchy, and permission-to-role assignment (PA), (2) user groups for simulating roles and maintaining user-to-role assignment (UA), and (3) a custom-built security provider that follows the RBAC model to make access control decisions, which are requested and enforced by the DCOM run-time.…”

Section: Related Workmentioning

confidence: 99%

“…His proposal employs the following elements of Windows NT's architecture: (1) registry for storing and maintaining the role hierarchy, and permission-to-role assignment (PA), (2) user groups for simulating roles and maintaining user-to-role assignment (UA), and (3) a custom-built security provider that follows the RBAC model to make access control decisions, which are requested and enforced by the DCOM run-time. Since the support for role hierarchy is indicated but not explained in [57], we assume that the Windows NT registry can be used to encode the hierarchy so that the RBAC security provider can refer to it while making authorization decisions. Similar to the proposals for RBAC support in operating systems, the use of OS user groups for simulating roles enables activation of more than one role.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Analysis of ANSI RBAC Support in COM+

Darwish

Beznosov

2010

Computer Standards & Interfaces

View full text Add to dashboard Cite

This article appeared in a journal published by Elsevier. The attached copy is furnished to the author for internal non-commercial research and education use, including for instruction at the authors institution and sharing with colleagues. Other uses, including reproduction and distribution, or selling or licensing copies, or posting to personal, institutional or third party websites are prohibited. In most cases authors are permitted to post their version of the article (e.g. in Word or Tex form) to their personal website or institutional repository. Authors requiring further information regarding Elsevier's archiving and manuscript policies are encouraged to visit: http://www.elsevier.com/copyright

show abstract

Security integration in inter-enterprise business process engineering

Biennier

2003

Collaborative Systems for Production Management

View full text Add to dashboard Cite

New organisational trends as alliances, virtual enterprises or extended enterprises make an heavy use of the information and communication technologies. This involves both the integration of the enterprises "personal" information systems, which exhibits important security requirements, and the definition of dedicated inter-enterprises business processes, respecting each enterprise autonomy and bringing an efficient collaborative framework. Based on actors models, our approach to couple closely a multi-levels workflow description of the distributed business processes and access controls descriptions on the information system so that a global and consistent security policy can be set.

show abstract

Role-based access control in DCOM

Cited by 11 publications

References 12 publications

Analysis of ANSI RBAC Support in EJB

Analysis of ANSI RBAC Support in EJB

Analysis of ANSI RBAC Support in COM+

Security integration in inter-enterprise business process engineering

Contact Info

Product

Resources

About