A resource access decision service for CORBA-based distributed systems

TitleA resource access decision service for CORBA-based distributed systems
Publication TypeConference Paper
Year of Publication1999
AuthorsBeznosov, K., Y. Deng, B. Blakley, C. Burt, and J. Barkley
Conference NameComputer Security Applications Conference, 1999. (ACSAC '99) Proceedings. 15th Annual
Pagination310 -319
Keywordsaccess control policy, application functionality, application logic, authorisation, authorization logic, consistency, CORBA-based distributed systems, distributed computing environment, distributed object management, fine-grain access control requirements, heterogeneous systems, logic, resource access decision service

Decoupling authorization logic from application logic allows applications with fine-grain access control requirements to be independent of a particular access control policy and from factors that are used in authorization decisions as well as access control models, no matter how dynamic those policies and factors are. It also enables elaborate and consistent access control policies across heterogeneous systems. We present the design of a service for resource access authorization in distributed systems. The service enables one to decouple authorization logic from application functionality. Although the described service is based on CORBA technology, the design approach can be successfully used in any distributed computing environment


a place of mind, The University of British Columbia

Electrical and Computer Engineering
2332 Main Mall
Vancouver, BC Canada V6T 1Z4
Tel +1.604.822.2872
Fax +1.604.822.5949

Emergency Procedures | Accessibility | Contact UBC | © Copyright 2021 The University of British Columbia