Buradasınız

KURUMSAL İŞ AKIŞINDA SÜRDÜRÜLEBİLİR YETKİ DENE.TİMİ VE YETKİLİ SAYISAL İMZA MODELİ

SUSTAINABLE AUTHORIZATION IN ENTERPRISE WORKFLOW AND AUTHORIZED DIGITAL SIGNATURE MODEL

Journal Name:

Publication Year:

Keywords (Original Language):

Author NameUniversity of Author
Abstract (2. Language): 
Authorization systems makes it possible that a user could only act in accordance with the permissions defined by the functional group it belongs. The authorization control mechanism employed in workflow became insufficient for the external enterprise processes as inter-agency correspondences. In this study, the sustainability of authorization in enterprise workflow, documents in circulation and long-term archives has been analyzed and demonstrated with Petri net models. Furthermore, a case study on digital signatures for the deficiencies of the enterprise authorization is presented. An authorized signature model is also proposed where authorization is employed in digital signature for the sustainability of authorization. The proposed solution is implemented using pairing based cryptography and analyses are provided.
Abstract (Original Language): 
Yetki denetim sistemleri, kurumdaki kullanıcının, ait olduğu fonksiyonel gruba tanımlanan izinler doğrultusunda işlem yapabilmesine olanak tanımaktadır. Kurum içi iş akışında uygulanan bu denetim, yetki kontrolünde kurumlar arası yazışmalar gibi kurum yapısı dışına çıkan süreçlerde yetersiz kalmaktadır. Bu çalışmada, yetki denetiminin, kurumsal iş akışında, dolaşımda ve arşivlenen belgeler kapsamında süreklilik analizi, petri ağları yöntemi ile ortaya konulmuştur. Kurumsal yetki denetimindeki eksiklikler için sayısal imza üzerinde bir vaka çalışması yapılmış ve yetki denetiminin sürdürülebilirliği için imzanın yetki denetimi işleviyle donatıldığı bir çözüm modeli önerilmiştir. Bu çözüm, eşleme tabanlı kriptografi ile gerçeklenmiş ve yapılan analizler çalışmaya dâhil edilmiştir.
559
568

REFERENCES

References: 

1. Neuman B. Clifford and Ts'o T. “Kerberos: An
Authentication Service for Computer Networks”,
IEEE Communications, 32(9):33-38, 1994.
2. Rigney, C., Rubens, A., Simpson, W. and S.
Willens, "Remote Authentication Dial In User
Service (RADIUS)", RFC 2138, April 1997.
3. Jie W, Arshad J, Sinnott R, Townend P, and Lei Z.
“A review of grid authentication and authorization
technologies and support for federated access
control.” ACM Computing Surveys, 43, 2,
Article 12, 2011
4. ANSI, American National Standard for
Information Technology—Role Based Access
Control, p. 359, ANSI Int’l Committee for Inf.
Technology Stds, 2004
5. Ferraiolo D.F., Kuhn R., Sandhu R., "RBAC
Standard Rationale: comments on a Critique of the
ANSI Standard on Role Based Access
Control”, IEEESecurity Privacy, v5/6, 2007
6. Mambo M., Usuda K., Okamoto E. “Proxy
signatures: Delegation of the power to sign
messages”, IEICE Trans. Fundamentals, Vol.
E79-A No. 9, 1996.
7. Chaum D., Heyst E.Van, “Group signatures”,
Advances in Cryptology, EUROCRYPT ’91,
LNCS Vol. 547,257–265, 1991.
8. Bellare M., Shi H., Zhang C., “Foundations of
Group Signatures: The Case of Dynamic Groups.
Topics in Cryptology” CT-RSA 2005 Proc.,
LNCS Vol. 3376, 2005
9. Shamir A.,“Id- Based Cryptosystems and
Signature Schemes”, LNCS Vol. 7 1984.
10. Paterson K. G., “ID-based signatures from
pairings on elliptic curves”, IEEE
Communication Letters, 38(18), 2002.
11. Vural Y., Sağıroğlu Ş., “Kurumsal Bilgi
Güvenliğinde Güvenlik Testleri ve Öneriler”, Gazi
Üniversitesi Mühendislik-Mimarlık Fakültesi
Dergisi, Cilt:26, No:1, 2011.
12. Jensen, K., “Coloured Petri nets. Basic concepts,
analysis methods and practical use”, Monographs
in Theoretical Computer Science, vol. 1.
Springer, Heidelberg, 1992
13. Al-Azzoni, I., Down, D.G., Khedri, R.
“Modelling and verification of cryptographic
protocols using coloured Petri nets and Design”.
Nordic Journal of Computing 12(3), 2005
14. Zaitsev, D.A., Clans of Petri Nets: Verification
of protocols and performance evaluation of
networks, LAP LAMBERT Academic Publ, 2013.
15. Boneh D., Lynn B., Shacham H. “Short signatures
from Weil pairing”, LNCS 2248, 2001.
16. Barreto P.S.L.M “The pairing-based cryptography
lounge”. http://www.larc.usp.br/~pbarreto/
pblounge.html, erişim, 2014.
17. PKI, “Internet X.509 Public Key Infrastructure
Certificate and Certificate Revocation List (CRL)
Profile”, RFC 5280,IETF, 2008.
18. Farrell, S.,Housley, R “An Internet Attribute
Certificate Profile for Authorization”, RFC
3281,IETF, 2002.
19. PKI,“Internet X.509 Public Key Infrastructure
Profile”,RFC 5280, IETF, 2008.
20. Joux A., “A one round protocol for tripartite
diffie-hellman”, Proc. of the 4th International
Symposium on Algorithmic Number Theory,
Springer-Verlag, 2000
21. Pairing-based cryptography library,
http://crypto.stanford.edu/pbc/, erişim, 2014
22. GMP, “GNU Multi-precision Arithmetic Library”,
http:// gmplib.org, erişim, 2014
23. Dingle N.J., Knottenbelt W.J., Suto T., “PIPE2: A
Tool for the Performance Evaluation of
Generalised Stochastic Petri Nets (PDF Format).”,
ACM SIGMETRICS Performance Evaluation
Review (Special Issue on Tools for Computer
Performance Modelling and Reliability
Analysis), Vol. 36(4), pp.34-39. 2009
24. PIPE: Platform Independent Petri net Editor 2,
http://pipe2.sourceforge.net/, eriş., 2014
25. Barkley J. “Comparing simple role based access
control models and access control lists”. In
Proceedings of RBAC '97 ACM, NY, 127-
132.,1997
26. Bellare M, Rogaway P., “Random Oracles are
practical: A Paradigm for Designing Efficient
Protocols”, ACM Conf. Computer and
Communication Security, 1993.

Thank you for copying data from http://www.arastirmax.com