Secure Authorisation agent for cross-domain access control in a mobile computing environment

Abstract

New portable computers and wireless communication technologies have significantly enhanced mobile computing. The emergence of network technology that supports user mobility and universal network access has prompted new requirements and concerns, especially in the aspects of access control and security. In this paper, we propose a new approach using authorisation agents for cross-domain access control in a mobile computing environment. Our framework consists of three main components, namely centralised authorisation servers, authorisation tokens and authorisation agents. An infrastructure of centralised authorisation servers and application servers from different domains is proposed for supporting trust propagation to mobile hosts instantaneously. While the authorisation token is a form of static capability, the authorisation agent on the client side can be regarded as a dynamic capability to provide the functionality in client-server interactions. It works collaboratively with remote servers to provide authorisation service with finer access granularity and higher flexibility.