A trusted decentralized access control framework for the client/server architecture

Weili Han, Min Xu, Weidong Zhao, Guofu Li
2010 Journal of Network and Computer Applications  
This paper proposes a trusted decentralized access control (TDAC) framework for the client/server architecture. As the fundamental principle, TDAC enforces access control policies at the client side and protects sensitive objects at the server side by leveraging trusted computing technologies. Compared with the previous work of Sandhu and Zhang (2005), TDAC uses fewer requirements for trusted components. To implement TDAC, we design a private trusted reference monitor that runs at the client ... de, evaluates an access control request, and signs a temporary access control credential for a client application trustworthily; we also design a master reference monitor that runs at the server side, evaluates the request from the client application only according to the temporary access control credential. As a typical application, TDAC can protect client's private context data in subject-context aware access control.
doi:10.1016/j.jnca.2009.12.012 fatcat:nmowhswmyrc5rgaf7v4yewkrlq