Access control in a distributed object environment using XML and roles

J. Crampton, H. Khambhammettu

Research output: Contribution to journalArticlepeer-review


We discuss the design of an integrated security architecture for authorization and authentication in a distributed object environment. Our architecture will have four main components: an authentication engine, an interface, a session manager and an authorization engine. The core component of our model is the session manager, which issues XML-based session certificates to authenticated users. A session certificate will be used by the authorization engine to establish the legitimacy of an access request by a user. We will also describe how the architecture supports dynamic revocation of session certificates and delegation.
Original languageEnglish
Pages (from-to)2-8
Number of pages7
JournalSouth African Computer Journal
Publication statusPublished - 2003

Cite this