Access control in a distributed object environment using XML and roles

J. Crampton, H. Khambhammettu

Research output: Chapter in Book/Report/Conference proceedingConference contribution


We discuss the design of an integrated security architecture for authorization and authentication in a distributed object environment. Our architecture will have four main components: an authentication engine, an interface, a session manager and an authorization engine. The core component of our model is the session manager, which issues XML-based session certificates to authenticated users. A session certificate will be used by the authorization engine to establish the legitimacy of an access request by a user. We will also describe how the architecture supports dynamic revocation of session certificates and delegation.
Original languageEnglish
Title of host publicationProceedings of 3rd Annual Information Security South Africa Conference (ISSA 2003)
Number of pages14
Publication statusPublished - 2003

Cite this