Changes between Version 80 and Version 81 of Internal/Rbac/OrbitRbacDesign

Timestamp:

Sep 11, 2006, 8:09:03 PM (18 years ago)

Author:

hedinger

Comment:

—

Internal/Rbac/OrbitRbacDesign

@@ -67 +67 @@
 It seems to be a good idea to pursue the server-pull architecture because of temporal constraints and to avoid certificate revocation issues.  If it decided otherwise to use a user-pull architecture, secure cookies [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/diss-jean.pdf Par99]] [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/park00secure.pdf PS00b]] and smart X.509 certificates [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p1-park.pdf PS99a]] [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/smart-certificates-extending-x-1.pdf PS99b]] [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/park00binding.pdf PS00a]] are the two methods used.  Ahn, Sandhu, Kang, and Park discuss a proof-of-concept implemention of a user-pull architectured, web-based workflow system in  [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/2928_1724_76-10-01.pdf ASKP00]].
 
+Park, Sandhu, and Ahn summarize the issued in implementing RBAC Web in [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/p37-park.pdf PSA01]].
+
 This design assumes that user authentication will be handled separately and will be reliable.  It also assumes that ORBIT users will protect their passwords and not intentionally loan them to others.  These two assumptions allow a person to be related to a user id.