Publication detail

A Universal Frame of Access Control in Computer Networks

BURDA, K.

Original Title

A Universal Frame of Access Control in Computer Networks

English Title

A Universal Frame of Access Control in Computer Networks

Type

journal article - other

Language

en

Original Abstract

In the paper, the classification of access control (AC) systems and AC networks is proposed. This classification facilitates the description and security analysis of complex AC systems and networks. The applicability of the proposed terminology and classification is illustrated in the description of a representative range of AC systems and networks. On the basis of this description, we can state that existing solutions of access control use various communication protocols, various message formats, and are intended for various scenarios. The user's access to assets and the cooperation between authorities are complicated by this fact. In the paper, a concept of a universal frame for access control in computer networks is proposed. This frame is based on the idea that all devices of a computer network are equipped with autonomous AC systems (the so-called AC portal), and that these portals can mutually cooperate via a common ACP protocol. The AC portal controls the access of other devices to the assets of a given device or negotiates the access of the applications of the given device to the assets of other devices.

English abstract

In the paper, the classification of access control (AC) systems and AC networks is proposed. This classification facilitates the description and security analysis of complex AC systems and networks. The applicability of the proposed terminology and classification is illustrated in the description of a representative range of AC systems and networks. On the basis of this description, we can state that existing solutions of access control use various communication protocols, various message formats, and are intended for various scenarios. The user's access to assets and the cooperation between authorities are complicated by this fact. In the paper, a concept of a universal frame for access control in computer networks is proposed. This frame is based on the idea that all devices of a computer network are equipped with autonomous AC systems (the so-called AC portal), and that these portals can mutually cooperate via a common ACP protocol. The AC portal controls the access of other devices to the assets of a given device or negotiates the access of the applications of the given device to the assets of other devices.

Keywords

Access control, AAA protocol, Authentication protocol, Secure computer network, Authority.

RIV year

2013

Released

30.10.2013

Pages from

7

Pages to

20

Pages count

14

BibTex


@article{BUT102612,
  author="Karel {Burda}",
  title="A Universal Frame of Access Control in Computer Networks",
  annote="In the paper, the classification of access control (AC) systems and AC networks is proposed. This classification facilitates the description and security analysis of complex AC systems and networks. The applicability of the proposed terminology and classification is illustrated in the description of a representative range of AC systems and networks. On the basis of this description, we can state that existing solutions of access control use various communication protocols, various message formats, and are intended for various scenarios. The user's access to assets and the cooperation between authorities are complicated by this fact. In the paper, a  concept of a  universal frame for access control in computer networks is proposed. This frame is based on the idea that all devices of a computer network are equipped with autonomous AC systems (the so-called AC portal), and that these portals can mutually cooperate via a common ACP protocol. The AC portal controls the access of other devices to the assets of a given device or negotiates the access of the applications of the given device to the assets of other devices.",
  chapter="102612",
  number="10",
  volume="13",
  year="2013",
  month="october",
  pages="7--20",
  type="journal article - other"
}