Implementing Role Based Access Control for Federated Information Systems on the Web

Taylor, K. and Murty, J.

    There is rapidly increasing interest in Australia in on-line sharing of information stored in corporate databases, especially within and between staff of independent government agencies. Biological collections databases and population health GIS are good examples of the frequent situation where database custodians are looking for dynamic, distributed, heterogeneous federated information system models for information sharing within loosely constituted communities. This paper describes a security model for authentication and access control to federated systems. The model supports single sign-on for users; a high level of autonomy for database custodians; and a low maintenance overhead. The model's implementation using PKI and Web technology is described.
Cite as: Taylor, K. and Murty, J. (2003). Implementing Role Based Access Control for Federated Information Systems on the Web. In Proc. First Australasian Information Security Workshop (AISW2003), Adelaide, Australia. CRPIT, 21. Johnson, C., Montague, P. and Steketee, C., Eds. ACS. 87-95.