Role-based Protection and Delegation for Mobile Object Environments


PrincipalDomain is an administrative scoping construct for establishing security policies based on the principals invoking object services that may entail objects moving around a network to accomplish their task. The privileges attached to the principal determines the privileges of those mobile objects, which effectively defines the access control rules for any resource the object might request. These objects may cooperate by delegating subtasks to other objects. During the process of delegation, when one object (initiator) authorizes another object (delegate) to perform some task, the attached privileges might be passed on from initiator to the delegate to accomplish the task. Support for roles is used to improve manageability by adding an optional level of indirection. Role-based access control and delegation provides a higher level of granularity than approaches limited only to individuals. In this paper, we describe a proposed protection mechanism based on code-executing principals..

Similar works

Full text

oaioai:CiteSeerX.psu: time updated on 10/22/2014

This paper was published in CiteSeerX.

Having an issue?

Is data on this page outdated, violates copyrights or anything else? Report the problem now and we will take corresponding actions after reviewing your request.