Search: id:"swepub:oai:DiVA.org:kth-154436" >
On the applicabilit...
On the applicability of trusted computing in distributed authorization using Web services
-
Nagarajan, A. (author)
-
Varadharajan, V. (author)
-
Hitchens, M. (author)
-
show more...
-
- Arora, Saurabh (author)
- KTH,Informatik, logistik och management
-
show less...
-
(creator_code:org_t)
- Berlin, Heidelberg : Springer Berlin Heidelberg, 2008
- 2008
- English.
-
Series: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 0302-9743
- Related links:
-
https://link.springe...
-
show more...
-
https://urn.kb.se/re...
-
https://doi.org/10.1...
-
show less...
Abstract
Subject headings
Close
- Distributed authorization provides the ability to control access to resources spread over the Internet. Typical authorization systems consider a range of security information like user identities, role identities or even temporal, spatial and contextual information associated with the access requestor. However, the ability to include computing platform related information has been quite limited due to constraints in identification and validation of platforms when distributed. Trusted computing is an exciting technology that can provide new ways to bridge this gap. In this paper, we provide the first steps necessary to achieving distributed authorization using trusted computing platforms. We introduce the notion of a Property Manifest that can be used in the specification of authorization policies. We provide an overview of our authorization architecture, its components and functions. We then illustrate the applicability of our system by implementing it in a Web service oriented architecture.
Subject headings
- NATURVETENSKAP -- Data- och informationsvetenskap -- Datavetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Computer Sciences (hsv//eng)
Keyword
- Access control
- Web services
- World Wide Web
- Authorization architecture
- Authorization policies
- Authorization systems
- Computing platforms
- Contextual information
- Control access
- Role identities
- Trusted computing
- Information services
Publication and Content Type
- ref (subject category)
- kon (subject category)
To the university's database