Article

Dynamic Configuration and Enforcement of Access Control for Mobile Components

Authors:

Yoad Gidron,

Israel Ben-Shaul,

Yariv AridorAuthors Info & Claims

NGIT '99: Proceedings of the 4th International Workshop on Next Generation Information Technologies and Systems

Pages 267 - 276

Published: 05 July 1999 Publication History

Abstract

Dynamic execution layout is the capability to (re)map at runtime the logical components of a distributed application onto physical hosts. From the resource management perspective, this paradigm raises three challenges: dynamic matching of available and required resources by providers and consumers, respectively; instance-level permission setting and enforcement; and access control over migrating resources. The proposed model employs a pairwise negotiation mechanism that enables to query resource availability and agree on a "contract", along with an enforcement mechanism that extends Java 1.2 and allows mobile components to fulfill their contracts despite their potential relocation.

References

[1]

O. Holder, I. Ben-Shaul, and H. Gazit, "Dynamic layout of distributed applications in FarGo", in Proceedings of the 21th Internationsl Conference on Software Engineering, Los Angenes, CA, May 1999, To Appear.

Crossref

Google Scholar

[2]

D. Milojicic, G. Agha, P. Bernadat, D. Chauhan, S. Guday, N. Jamali, and D. Lambright, "Case studies in security and resource management for mobile objects", in Proceedings of the ECOOP 4th Workshop on Mobile Object Systems: Secure Internet Mobile Computations, Belgium, July 1998, pp. 191-205.

Crossref

Google Scholar

[3]

O. Holder, I. Ben-Shaul, and H. Gazit, "System support for dynamic layout of distributed applications", in Proceedings of the 19th International Conference on Distributed Computing Systems (ICDCS '99), Austin, TX, May 1999, To appear.

Crossref

Google Scholar

[4]

A. Chavez and P. Maes, "Kasbah: An agent marketplace for buying and selling goods", in Proceedings of the 1st International Conference on the Practical Applications of Intelligent Agents and Multi-Agent technology, 1996.

Google Scholar

[5]

J. Waldo, "Jini architecture overview", 1998, Available at: http://www.sun.com/jini/whitepapers/.

Google Scholar

[6]

L. Gong, M. Muller, H. Prafullchandra, and R. Schemers, "Going beyond the sandbox: An overview of the new security architecture in the java development kit 1.2", in Proceedings of the USENIX Symposium on Internet Technologies and Systems, December 1997.

Crossref

Google Scholar

[7]

R. L. Rivest, A. Shamir, and L. Adelman, "A method for obtaining digital signatures and public-key cryptosystems", Communications of the ACM, February 1978.

Crossref

Google Scholar

[8]

D. Hagimont, J. Mossiere, X. Rousset de Pina, and F. Saunier, "Hidden software capabilites", in Proceedings of the 16th International Conference on Distributed Computing Systems (ICDCS '96), Hong Kong, May 1996, pp. 282-289.

Crossref

Google Scholar

Recommendations

Hardware-enhanced distributed access enforcement for role-based access control
SACMAT '14: Proceedings of the 19th ACM symposium on Access control models and technologies

The protection of information in enterprise and cloud platforms is growing more important and complex with increasing numbers of users who need to access resources with distinct permissions. Role-based access control (RBAC) eases administrative ...
Configuring role-based access control to enforce mandatory and discretionary access control policies

Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...
Access control enforcement testing
AST '13: Proceedings of the 8th International Workshop on Automation of Software Test

A policy-based access control architecture comprises Policy Enforcement Points (PEPs), which are modules that intercept subjects access requests and enforce the access decision reached by a Policy Decision Point (PDP), the module implementing the access ...

Comments

Information & Contributors

Information

Published In

NGIT '99: Proceedings of the 4th International Workshop on Next Generation Information Technologies and Systems

July 1999

303 pages

ISBN:3540662251

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 05 July 1999

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

0
Total Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 10 Aug 2024

Other Metrics

View Author Metrics

Citations

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

References

Recommendations

Hardware-enhanced distributed access enforcement for role-based access control

Configuring role-based access control to enforce mandatory and discretionary access control policies

Access control enforcement testing

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

View options

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations