A generalized model for internet-based access control systems with delegation support

Conference proceedings article


Authors/Editors


Strategic Research Themes

No matching items found.


Publication Details

Author listBuranasaksee U., Porkaew K., Supasitthimethee U.

PublisherSpringer Verlag

Publication year2013

Volume number115

Start page975

End page988

Number of pages14

ISBN9783642379482

ISSN1867-8211

eISSN1867-8211

URLhttps://www.scopus.com/inward/record.uri?eid=2-s2.0-84982261583&partnerID=40&md5=f0581112eb9a8ef374f6ee70abaf7926

LanguagesEnglish-Great Britain (EN-GB)


Abstract

In the web environment, web browsers use HTTP/HTTPS to communicate between users and web/application servers. However, many internet activities require interactions among three parties without compromising confidentiality. For example, an e-commerce transaction requires a buyer to authorize an ecommerce website to withdraw money from the buyer’s bank account at an internet banking website. Although several existing works have been proposed to solve this problem, they are done in ad-hoc manners or lack of some important properties. This paper proposes a model, called PRA (Provider-Requestor- Authorizer), for generalizing three-party communication in the web-environment in order to identify desirable properties that can be used to measure the goodness of protocols for and classify them. We found that PRA model can generalize three-party communication protocols to a single model from conceptual level to implementation level. © Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2013.


Keywords

DelegationDesignDistributed access controlDistributed systemImplementation


Last updated on 2022-06-01 at 15:55