Authentication and authorization are crucial for ensuring the security of information systems. Role-based access control (RBAC) can act as an efficient method of managing authorization of system resources. In this paper, we apply identity-based signature (IBS) technique to cryptographically provide user authentication and role-based authorization. To achieve this, we first extend the RBAC model to incorporate identitybased cryptography. Our access control architecture is derived from an identity-based signature scheme on bilinear pairings and eliminates the use of digital certificates. In our suggestion, the manager checks the validity of a user's identity and user's activated roles simultaneously by verifying a corresponding signature, thus the user authentication and role-based authorization procedures can be combined into one operation. We also prove the security of the proposed scheme in the random oracle model. © Springer-Verlag Berlin Heidelberg 2007.
CITATION STYLE
Wang, J., Yu, J., Li, D., Bai, X., & Jia, Z. (2007). Combining user authentication with role-based authorazition based on identity-based signature. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4456 LNAI, pp. 847–857). Springer Verlag. https://doi.org/10.1007/978-3-540-74377-4_89
Mendeley helps you to discover research relevant for your work.