Change search
ReferencesLink to record
Permanent link

Direct link
Authorization System in Open Networks based on Attribute Certificates: Towards an ICT Enabled Society
KTH, School of Information and Communication Technology (ICT).
2003 (English)In: Proceedings of the International Information Technology Conference, 2003Conference paper (Refereed)
Abstract [en]

This paper describes a security system for authorization in open networks. Authorization means authority to access certain resources, to perform certain operations, or to use certain system functions. In this paper the authorization system is based on use of attribute certificates. An attribute certificate is a signed object containing authorization attributes of a user. Before checking whether a user is authorized to perform an action or to access an object, the identity of the user must be verified. The identity verification system is based on public key certificates. We separate authorization system from authentication system because the same authority does not always establish authorization and authentication information. However these two systems must be combined and that is done by including the serial number of the user’s public key certificate as a field in the user’s attribute certificate, which carries authorization information.

The topology of the authorization system comprises authorization authority servers issuing attribute certificates to users, application clients handling those certificates, and application servers verifying user access rights based on attribute certificates. Furthermore, all these components are themselves certified by standard PKI certification authorities, thus supporting mutual authentication and cross–domain scaling.

Place, publisher, year, edition, pages
National Category
Computer and Information Science
URN: urn:nbn:se:kth:diva-34516OAI: diva2:421790
QC 20110609Available from: 2011-06-09 Created: 2011-06-09 Last updated: 2011-06-09Bibliographically approved

Open Access in DiVA

fulltext(210 kB)98 downloads
File information
File name FULLTEXT01.pdfFile size 210 kBChecksum SHA-512
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Mwakalinga, Jeffy
By organisation
School of Information and Communication Technology (ICT)
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 98 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 36 hits
ReferencesLink to record
Permanent link

Direct link