Logo des Repositoriums

Auflistung nach Schlagwort "X.509"

1 - 2 von 2
  • Konferenzbeitrag
    A Policy Language for Integrating Heterogeneous Authorization Policies
    (Grid service engineering and management – the 4th international conference on grid service engineering and management – GSEM 2007, 2007) Zhou, Wie; Meinel, Christoph
    In order to manage and enforce multiple heterogeneous authorization policies in distributed authorization environment, we defined the root policy specification language and its corresponding enforcing mechanism. In a root policy, the involved users and resources can be defined in coarse or fine-grained. Each involved authorization policy’s storage, trust management and enforcement can be defined independently. These authorization policies can be enforced in distributed way. Policy schemas, policy subschemas and policy hierarchies can deal with complex authorization scenarios. The context constraint component makes the root policy is a context-aware authorization system. On the other hand multiple root policies can cooperate together to complete more complicated authorization tasks.
  • Konferenzbeitrag
    X.509 User Certificate-based Two-Factor Authentication for Web Applications
    (10. DFN-Forum Kommunikationstechnologien, 2017) Waldvogel, Marcel; Zink, Thomas
    An appealing property to researchers, educators, and students is the openness of the phys­ical environment and IT infrastructure of their organizations. However, to the IT administration, this creates challenges way beyond those of a single-purpose business or administration. Especially the personally identifiable information or the power of the critical functions behind these logins, such as financial transactions or manipulating user accounts, require extra protection in the heterogeneous educational environment with single-sign-on. However, most web-based environments still Jack a reasonable second-factor protection or at least the enforcement of it for privileged operations with­out hindering normal usage. In this paper we introduce a novel and surprisingly simple yet extremely flexible way to irnplement two-factor authentication based on X.509 user certificates in web applications. Our solution requires only a few !irres of code in web server configuration and none in the application source code for basic protection. Furthermore, since it is based on X.509 certificates, it can be easily combined with smartcards or USB cryptotokens to further enhance security.