Publication detail
A Universal Frame of Access Control in Computer Networks
BURDA, K.
Original Title
A Universal Frame of Access Control in Computer Networks
English Title
A Universal Frame of Access Control in Computer Networks
Type
journal article - other
Language
en
Original Abstract
In the paper, the classification of access control (AC) systems and AC networks is proposed. This classification facilitates the description and security analysis of complex AC systems and networks. The applicability of the proposed terminology and classification is illustrated in the description of a representative range of AC systems and networks. On the basis of this description, we can state that existing solutions of access control use various communication protocols, various message formats, and are intended for various scenarios. The user's access to assets and the cooperation between authorities are complicated by this fact. In the paper, a concept of a universal frame for access control in computer networks is proposed. This frame is based on the idea that all devices of a computer network are equipped with autonomous AC systems (the so-called AC portal), and that these portals can mutually cooperate via a common ACP protocol. The AC portal controls the access of other devices to the assets of a given device or negotiates the access of the applications of the given device to the assets of other devices.
English abstract
In the paper, the classification of access control (AC) systems and AC networks is proposed. This classification facilitates the description and security analysis of complex AC systems and networks. The applicability of the proposed terminology and classification is illustrated in the description of a representative range of AC systems and networks. On the basis of this description, we can state that existing solutions of access control use various communication protocols, various message formats, and are intended for various scenarios. The user's access to assets and the cooperation between authorities are complicated by this fact. In the paper, a concept of a universal frame for access control in computer networks is proposed. This frame is based on the idea that all devices of a computer network are equipped with autonomous AC systems (the so-called AC portal), and that these portals can mutually cooperate via a common ACP protocol. The AC portal controls the access of other devices to the assets of a given device or negotiates the access of the applications of the given device to the assets of other devices.
Keywords
Access control, AAA protocol, Authentication protocol, Secure computer network, Authority.
RIV year
2013
Released
30.10.2013
ISBN
1738-7906
Periodical
International Journal of Computer Science and Network Security
Year of study
13
Number
10
State
KR
Pages from
7
Pages to
20
Pages count
14
Documents
BibTex
@article{BUT102612,
author="Karel {Burda}",
title="A Universal Frame of Access Control in Computer Networks",
annote="In the paper, the classification of access control (AC) systems and AC networks is proposed. This classification facilitates the description and security analysis of complex AC systems and networks. The applicability of the proposed terminology and classification is illustrated in the description of a representative range of AC systems and networks. On the basis of this description, we can state that existing solutions of access control use various communication protocols, various message formats, and are intended for various scenarios. The user's access to assets and the cooperation between authorities are complicated by this fact. In the paper, a concept of a universal frame for access control in computer networks is proposed. This frame is based on the idea that all devices of a computer network are equipped with autonomous AC systems (the so-called AC portal), and that these portals can mutually cooperate via a common ACP protocol. The AC portal controls the access of other devices to the assets of a given device or negotiates the access of the applications of the given device to the assets of other devices.",
chapter="102612",
number="10",
volume="13",
year="2013",
month="october",
pages="7--20",
type="journal article - other"
}