As companies migrate from a centralized to a distributed computing environment, the administration and management of security policies, in particular authorization policies, is becoming an increasingly difficult task. This paper considers the issues involved in the design of a secure distributed authorization service. This paper discusses the architectural design principles, describes the Authorization Server architecture and components, briefly mentions some of the key authorization language constructs and outlines the steps involved in the construction of an authorization system in practice.
|Number of pages||6|
|Journal||Conference Record / IEEE Global Telecommunications Conference|
|Publication status||Published - 1998|