Achieving DRBAC Authorization in Multi-trust Domains with MAS Architecture and PMI

  • Conference paper
Agent Computing and Multi-Agent Systems (PRIMA 2007)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 5044)

Abstract

This paper presents an approach to distributed RBAC (DRBAC) access control for multiple applications, delegated to multi-user and multi-relying-party federations. In our approach, DRBAC uses Public Key Infrastructure (PKI) and Privilege Management Infrastructure (PMI) for authentication and authorization. We propose a dynamic mapping scheme based on the Attribute Certification model for handling user identification, role assignment, and privilege delegation. To promote distribution, better scalability and performance, and ease of management and extension, the Multi-Agent Systems concept is applied to automate the authentication, authorization and accountability functions. For trust management across multiple PKI domains, we employ the Certificate Trust Lists (CTLs) model so that the different PKI domains can interoperate effectively. Finally, our ongoing implementation is demonstrated to prove our proposed model.


Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Fugkeaw, S., Manpanpanich, P., Juntapremjitt, S. (2009). Achieving DRBAC Authorization in Multi-trust Domains with MAS Architecture and PMI. In: Ghose, A., Governatori, G., Sadananda, R. (eds) Agent Computing and Multi-Agent Systems. PRIMA 2007. Lecture Notes in Computer Science, vol 5044. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01639-4_30

  • DOI: https://doi.org/10.1007/978-3-642-01639-4_30

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-01638-7

  • Online ISBN: 978-3-642-01639-4

  • eBook Packages: Computer Science, Computer Science (R0)
