Abstract
We discuss the design of an integrated security architecture for authorization and authentication in a distributed object environment. Our architecture will have four main components: an authentication engine, an interface, a session manager and an authorization engine. The core component of our model is the session manager, which issues XML-based session certificates to authenticated users. A session certificate will be used by the authorization engine to establish the legitimacy of an access request by a user. We will also describe how the architecture supports dynamic revocation of session certificates and delegation.
Original language | English |
---|---|
Pages (from-to) | 2-8 |
Number of pages | 7 |
Journal | South African Computer Journal |
Volume | 31 |
Publication status | Published - 2003 |