Requirements for Scalable Access Control and Security Management Architectures

Abstract

Maximizing local autonomy has led to a scalable Internet. Scalability and the capacity for distributed control have unfortunately not extended well to resource access control policies and mechanisms. Yet management of security is becoming an increasingly challenging problem, in no small part due to scaling up of measures such as number of users, protocols, applications, network elements, topological constraints, and functionality expectations. In this paper we discuss scalability challenges for traditional access control mechanisms and present a set of fundamental requirements for authorization services in large-scale networks. We show why existing mechanisms fail to meet these requirements, and investigate the current design options for a scalable access control architecture. We argue that the key design options to achieve scalability are the choice of the representation of access control policy, the distribution mechanism for policy, and the choice of access rights revocation scheme.

Document Details

Document Type: Technical Report
Publication Date: Jan 01, 2005
Accession Number: ADA437426

Entities

People

  • Angelos Dennis Keromytis
  • Jonathan M. Smith

Organizations

  • Columbia University

Tags

Communities of Interest

  • Autonomy
  • Human Systems

DTIC Thesaurus Topics

  • Authentication
  • Computer Access Control
  • Computer Networks
  • Computing System Architectures
  • Control Systems
  • Cryptography
  • Entry Control Systems
  • Information Operations
  • Internet
  • Language
  • Network Protocols
  • Network Topology
  • Networks
  • Operating Systems
  • Scalability
  • Security
  • Security Protocols

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Robotics and Automation
  • Systems Analysis and Design