Role-Based Access Control for E-commerce Sea-of-Data Applications

  • Conference paper
Information Security (ISC 2002)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2433)

Abstract

Sea-of-Data (SoD) applications (those that need to process huge quantities of distributed data) present specific restrictions, which make mobile agent systems one of the most feasible technologies to implement them. On the other hand, mobile agent technologies are in a hot research state, especially concerning security. We present an access control method for mobile agent systems. It is based on Role-based Access Control and trust management to provide a reliable solution for e-commerce SoD applications. It uses SPKI certificates to implement the role system and the delegation of authorization. It is proposed as an extension of the MARISM-A project, a secure mobile agent platform for SoD applications. We also show its functionality with an e-commerce SoD medical imaging data application, which is based on a scenario of the IST project INTERPRET.

Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Navarro, G., Robles, S., Borrell, J. (2002). Role-Based Access Control for E-commerce Sea-of-Data Applications. In: Chan, A.H., Gligor, V. (eds) Information Security. ISC 2002. Lecture Notes in Computer Science, vol 2433. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45811-5_8

  • DOI: https://doi.org/10.1007/3-540-45811-5_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44270-7

  • Online ISBN: 978-3-540-45811-1

  • eBook Packages: Springer Book Archive
