An approach to role-based access control for digital content

E. Weippl. An approach to role-based access control for digital content. pages 290-295, 4, 2001.

  • Edgar Weippl
BuchProc. Int. Conf. on Information Technology: Coding and Computing (ITCC 2001)
TypIn Konferenzband
Abstract Role-based access control is the state-of-the-art mechanism for restricting access to resources. Today, digital content is distributed via CD-ROMS and the Internet with little or no protection. Using widely available public key cryptography, we propose to extend the paradigm of role-based access control to digital content by encapsulating it into secure document containers. Certification authorities can certify that a specific user belongs to certain group and can thus be granted access to systems (i.e. document containers) that do not know who the user actually is. Online distribution of one-time keys can be used to avoid various attacks like replays.