TrustedRBAC is a scalable, decentralized trust-management and access control mechanism for systems that span multiple autonomous domains. We utilize X.509 attri- bute certificates to define trust domains, roles to def...TrustedRBAC is a scalable, decentralized trust-management and access control mechanism for systems that span multiple autonomous domains. We utilize X.509 attri- bute certificates to define trust domains, roles to define controlled activities, and role delegation across domains to represent permissions to these activities. This paper describes the TrustedRBAC model and its scalable design and implementation.展开更多
Intrusion Detection System(IDS)have received a great deal ofattention because of their excellent ability of preventing networkincidents. Recently, many efficient approaches have been proposed toimprove detection abili...Intrusion Detection System(IDS)have received a great deal ofattention because of their excellent ability of preventing networkincidents. Recently, many efficient approaches have been proposed toimprove detection ability of IDS. While the self-protection abilityof IDS is relatively worse and easy to be exploited by attackers,this paper gives a scheme of Securely Distributed Intrusion DetectionSystem(SDIDS). This system adopts special measurements to enforce thesecurity of IDS components. A new secure mechanism combiningrole-based access control and attribute certificate is used to resistattack to communication.展开更多
文摘TrustedRBAC is a scalable, decentralized trust-management and access control mechanism for systems that span multiple autonomous domains. We utilize X.509 attri- bute certificates to define trust domains, roles to define controlled activities, and role delegation across domains to represent permissions to these activities. This paper describes the TrustedRBAC model and its scalable design and implementation.
文摘Intrusion Detection System(IDS)have received a great deal ofattention because of their excellent ability of preventing networkincidents. Recently, many efficient approaches have been proposed toimprove detection ability of IDS. While the self-protection abilityof IDS is relatively worse and easy to be exploited by attackers,this paper gives a scheme of Securely Distributed Intrusion DetectionSystem(SDIDS). This system adopts special measurements to enforce thesecurity of IDS components. A new secure mechanism combiningrole-based access control and attribute certificate is used to resistattack to communication.
