Skip to main content
USENIX
  • Conferences
  • Students
Sign in

connect with us


  •  Twitter
  •  Facebook
  •  LinkedIn
  •  Google+
  •  YouTube

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home ยป Certificate-based Access Control for Widely Distributed Resources
Tweet

connect with us

Certificate-based Access Control for Widely Distributed Resources

Abstract: 

We have implemented and deployed an access control mechanism that uses digitally-signed certificates to define and enforce an access policy for a set of distributed resources that have multiple, independent and geographically dispersed stakeholders. The stakeholders assert their access requirements in use-condition certificates and designate those trusted to attest to the corresponding user attributes. Users are identified by X.509 identity certificates. During a request to use a resource, a policy engine collects all the relevant certificates and decides if the user satisfies all the requirements. This paper describes the model, architecture and implementation of this system. It also includes some preliminary performance measurements and our plans for future development of the system.

Mary R. Thompson, Lawrence Berkeley National Laboratory

William Johnston, Lawrence Berkeley National Laboratory

Srilekha Mudumbai, Lawrence Berkeley National Laboratory

Gary Hoo, Lawrence Berkeley National Laboratory

Keith Jackson, Lawrence Berkeley National Laboratory

Abdelilah Essiari, Lawrence Berkeley National Laboratory

Links

Paper (HTML): 
http://www.usenix.org/events/sec99/full_papers/thompson/thompson_html/index.html
Paper: 
http://www.usenix.org/events/sec99/full_papers/thompson/thompson.pdf
  • Log in or    Register to post comments

© USENIX

  • Privacy Policy
  • Conference Policies
  • Contact Us