Scalable Authorization in Distributed Systems

分布式系统中的可扩展授权

• 批准号: 9901700
• 负责人: Ravinderpal Sandhu
• 金额: $ 12.5万
• 依托单位: George Mason University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 1999
• 资助国家: 美国
• 起止时间: 1999-08-01 至 2002-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=9901700&HistoricalAwards=false
• 关键词: Scalable; Authorization; Distributed; Systems

Proposal Number: CCR-9901700PI: Ravi SandhuProject-summary-paragraphAuthorization must be a cornerstone of effective security indistributed computing. Moreover, in large-scale systems authorizationmust itself be scalable. This project will conduct a holisticinvestigation by looking concurrently and synergistically atarchitecture, mechanisms, and models for scalable authorization.These three aspects are intertwined and mutually dependent, sodecisions made in one impact the choices in others. Yet they can beprofitably separated for scientific study. The project will developand refine a set of architectures for enforcement and administration,and analyze their relative advantages and disadvantages. It willdevelop a systematic analysis of techniques for binding identity andauthorization information, and the pros and cons of mechanisms basedon different binding means. The third prong of the project willdevelop decentralized models for management of authorizations. Thisproject will undertake theoretical and conceptual basic researchaugmented by selected proof-of-concept experiments to validate thetheory.

提案编号：CCR-9901700PI：Ravi SandhuProject-摘要-段落授权必须是分布式计算中有效安全的基石。此外，在大型系统中，授权本身必须是可伸缩的。这个项目将对可伸缩授权的架构、机制和模型进行并行和协同的整体调查。这三个方面相互交织、相互依赖，因此一个方面的决定会影响其他方面的选择。然而，将它们分开进行科学研究是有益的。该项目将开发和完善一套执行和管理的体系结构，并分析它们的相对优势和劣势。它将系统地分析绑定身份和授权信息的技术，以及基于不同绑定方式的机制的优缺点。该项目的第三个方面将开发授权管理的分散模式。该项目将通过精选的概念验证实验进行理论和概念性的基础研究，以验证理论。