Role-based privilege management using attribute certificates and delegation

Gail Joon Ahn, Dongwan Shin, Longhua Zhang

Research output: Contribution to journalArticlepeer-review

2 Scopus citations


The Internet provides tremendous connectivity and immense information sharing capability which the organizations can use for their competitive advantage. However, we still observe security challenges in Internet-based applications that demand a unified mechanism for both managing the authentication of users across enterprises and implementing business rules for determining user access to enterprise applications and their resources. These business rules are utilized for privilege management or authorization in a security context. In this paper, we design a role-based privilege management leveraging access control models and X.509 attribute certificate. We attempt to develop an easy-to-use, flexible, and interoperable authorization mechanism. Also, we demonstrate the feasibility of our architecture by providing the proof-of-concept prototype implementation using commercial off-the-shelf technologies.

Original languageEnglish (US)
Pages (from-to)100-109
Number of pages10
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
StatePublished - Dec 1 2004
Externally publishedYes

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Role-based privilege management using attribute certificates and delegation'. Together they form a unique fingerprint.

Cite this