A Rule-Based System for Cross-Enterprise Access Authorization

Abstract

As the Internet permeates every aspect of our society enterprises (e.g.businesses, government agencies) find increasing need to share sensitive information and/or grant users in external enterprises rights to perform critical transactions. One promising approach for cross-enterprise access authorization is for an enterprise to send digitally signed statements that explicitly grant access rights to external enterprises. Such an approach is highly scalable and can be used to empower information owners to exercise direct control of access authorizations. This paper presents a rule-based framework for distributed cross enterprise access authorizations based on digitally signed authorizations. The specification language is based on a set of concepts that are common in business environments. An important contribution of this framework is that it clearly defines the semantics of revoking signed statements and certificates, a topic that has received little attention in previous research. Clearly defined revocation semantics is an important consideration for end users to have the full confidence to use a distributed trust management system. We also discuss protocols for distributed management of cross-enterprise authorization and revocation.

Bei-Tseng Chu received his Ph.D. in Computer Science from the University of Maryland at College Park. He is currently a professor of Computer Science at the University of North Carolina at Charlotte where he also serves as the associate director of the School of Information Technology. He served as the coordinator of the Ph.D. program in Information Technology from 1997 through 2000. He currently is the coordinator of the Master of Science Program in Information Technology. His current research interets are: Enterprise Integration and Information Security.

For more information, contact Venu Dasigi.

This page is maintained by Venu Dasigi.