To search, Click
below search items.

Published Papers Search Service
Design and Evaluation of Policy Based Authorization Model for large scale Distributed Systems
Sarbjeet Singh, Kamalbir Singh, Harpal Kaur
Citation |
Vol. 9 No. 11 pp. 49-55
Large scale distributed systems enable sharing of resources and services scattered over geographically dispersed, heterogeneous, autonomous administrative domains. Two main entities interacting with each other over a distributed system are service requesters and service providers. The service requesters belonging to a particular administrative domain may request access to resources/services available over same or other administrative domains. Similarly a service provider belonging to a particular administrative domain may expose its resources/services over same or other administrative domains. The service requesters belonging to one administrative domain generally have different access rights in different administrative domains. Determining what a service requester is authorized to do in the same or other administrative domains is a difficult task. The overall authorization and access control becomes more complex when service providers attach authorization and access control related policies with their resources/services and provide access to those resources/services based on conformance to established policies. These policies may include authentication, privacy, trust, network workload, business and management etc. related aspects of authorization and access control. Designing an authorization and access control system for such an environment is a complex task and introduces many challenging technology and management related issues. In this paper we have made an attempt to define and implement a policy based authorization and access control framework that can be used to determine the access rights of a subject in different administrative domains and supports policy-based access to resources/services scattered over a distributed system. The framework proposed is scalable, flexible and has been implemented through web services. The paper also discusses prototype implementation of the proposed framework.
Distributed Systems, Administrative Domains, Authorization and Access Control, Policy-based Authorization Framework