By Topic

Authorization in the digital library: secure access to services across enterprise boundaries

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Ching, N. ; Dept. of Comput. Sci., Illinois Univ., Urbana, IL, USA ; Jones, V. ; Winslett, M.

In large scale networked information systems (e.g. the World Wide Web), the community of subjects who may make requests to a service provider such as a digital library will often extend beyond the local community to include individuals about whom little prior knowledge, if any, exists at the provider. This poses challenges for resource protection which do not resist in traditional computing environments. The paper presents a formal framework for secure access to information and services in such systems, where both the size of the user base and a variety of local enterprise dependent representations of user attributes must be considered. In our framework, an individual supplies digital credentials akin to traditional paper credentials with a request for service. To decide whether to grant the request, the recipient interprets the credentials using knowledge about the credential issuers (more precisely, of what conditions must hold for the issuers to have issued the credentials) rather than, or in addition to, specific knowledge about the requester. Our formalism for access control also provides a basis for security oriented smart yellow pages facilities, which are directory services that manage queryable registries of information about service providers and their requirements

Published in:

Digital Libraries, 1996. ADL '96., Proceedings of the Third Forum on Research and Technology Advances in

Date of Conference:

13-15, May 1996