Proceedings ArticleDOI
A privilege management and enforcement system for distributed resource sharing
Kurt Maly,Ajay Gupta,B. Kvande,Irwin B. Levinstein,Ravi Mukkamala,S. Nanjangud,M. Olson,R. Whitney,R. Chambers +8 more
- pp 106-111
TLDR
This work has developed a system for easy administration and enforcement of controlled access for end user access to resources via the Internet including X Windows and World Wide Web based interfaces, and DCE based authentication and authorization.Abstract:
The Internet has been identified as one of the most dangerous aspects for an organization in today's information based world. Unauthorized access, misuse, and manipulation of data can create havoc. We have chosen a distributed environment with thousands of users and tens of thousands of resources to illustrate an approach to solve this problem. We have developed a system for easy administration and enforcement of controlled access. Distributed, delegated management of resources is at the core of the project. For portability, the enforcement system is established between the operating system and the user rather than being embedded in the operating system. In particular, we have developed management and access methods for end user access to resources via the Internet including X Windows and World Wide Web based interfaces, and DCE based authentication and authorization. The environment for this project is the Distributed Informatics Computing and Collaborative Environments project associated with the US Department of Energy's Energy Science Network. This project is a joint effort between the Continuous Electron Beam Accelerator Facility (CEBAF), the Chinese Institute of High Energy Physics, and Old Dominion University.read more
Citations
More filters
Patent
Database system and method for data acquisition and perusal
TL;DR: In this article, a data acquisition and perusal system and method including a database selection module, a database index generator module and a search module is presented, which allows for the capture of HTML data which is automatically indexed without human intervention and has the ability to automatically and accurately locate or "pinpoint" and highlight specific text or groups of text designated by the user within the resulting database.
Patent
System for dynamic registration of privileged mode hooks in a device
TL;DR: In this article, the authors propose a system for dynamic registration of privileged mode hooks in a device that includes at least two operating modes comprising a privileged mode and a non-privileged mode.
References
More filters
Journal ArticleDOI
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Journal ArticleDOI
Using encryption for authentication in large networks of computers
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Journal ArticleDOI
Kerberos: an authentication service for computer networks
B.C. Neuman,T. Ts'o +1 more
TL;DR: The authors concentrate on authentication for real-time, interactive services that are offered on computer networks, which includes remote login, file system reads and writes, and information retrieval for applications like Mosaic.
Kerberos: An Authentication Service for Open Network Systems
TL;DR: An overview of the Kerberos authentication model as imple- mented for MIT's Project Athena is given, which describes the protocols used by clients, servers, and Kerbero to achieve authentication.
Journal ArticleDOI
Security Mechanisms in High-Level Network Protocols
TL;DR: The implications of adding security mechanisms to high-level network protocols operating in an open-system environment are analyzed, and a brief description of the two basic approaches to communications security, link-oriented measures and end-to-end measures concludes that end- to- end measures are more appropriate in anopen- system environment.