Analysis of authorization framework and its implementation

Date
2011
Authors
Bhandari, Pushpendra Singh
Publisher
Department of Computer Science and Information Technology
Abstract
As more resources are made available over the internet and intranet, it is important to ensure that appropriate resources are accessed by appropriate users. A large-scale service-oriented computing environment, in which thousands of computers, storage systems, networks, scientific instruments and other devices are distributed over wide area networks, presents unique security problems that are not addressed by traditional client-server/distributed computing environments. Thus, authorization is required. Implementing authorization enables users and organizations to have secure, protected, and private access to remote services. It has been found that early design of authentication and authorization eliminates a high percentage of application vulnerabilities. This thesis report focuses on the need for authorization, its requirements, and how access to protected resources by unauthenticated users in a distributed, web-based system is controlled using the several controls and mechanisms provided by various authorization techniques and tools. This thesis focuses on Shibboleth, the most widely used automated authentication and authorization tool. It is a system designed to exchange information across realms for authentication and authorization. Finally, an implementation is shown demonstrating how authorization can be used in an organization to ensure secure access to protected resources based on different access controls.
Keywords
Authentication agents, Security service