Nataraj Nagaratnam - Academia.edu (original) (raw)
Uploads
Papers by Nataraj Nagaratnam
Conference on Object-Oriented Technologies and Systems, 1998
SDM is a Secure Delegation Model for Java-based distributed object environments. SDM extends curr... more SDM is a Secure Delegation Model for Java-based distributed object environments. SDM extends current Java security features to support secure remote method invocations that may involve chains of delegated calls across distributed objects. The framework supports a control API for application developers to specify mechanisms and security policies surrounding simple or cascaded delegation. Delegation may also be disabled and optionally
Lecture Notes in Computer Science, 1998
PrincipalDomain is an administrative scoping construct for establishing security policies based o... more PrincipalDomain is an administrative scoping construct for establishing security policies based on the principals invoking object services that may entail objects moving around a network to accomplish their task. The privi- leges attached to the principal determines the privileges of those mobile objects, which effectively defines the ac- cess control rules for any resource the object might re- quest. These objects may cooperate by delegating sub- tasks to other objects. During the process of delega- tion, when one object (initiator) authorizes another ob- ject (delegate) to perform some task, the attached priv- ileges might be passed on from initiator to the delegate to accomplish the task. Support for roles is used to im- prove manageability by adding an optional level of indi- rection. Role-based access control and delegation pro- vides a higher level of granularity than approaches lim- ited only to individuals. In this paper, we describe a pro- posed protection mechanism based on code-executing principals exercising their privileges via role constructs, and building delegation framework over this infrastruc- ture. This mechanism extends current Java security fea- tures to support principals, roles and delegation. The framework supports a control API for application devel- opers to specify mechanisms and security policies.
Distributed Systems Engineering, 1998
IEEE International Conference on Web Services (ICWS'05), 2005
... Jim Basney National Center for Supercomputing Applications, University of Illinois jbasney@nc... more ... Jim Basney National Center for Supercomputing Applications, University of Illinois jbasney@ncsa.uiuc.edu ... and the contribution of our own open source WS-Trust [2] implementation Interoperability, as shown through the successful interaction of our .NET and Java clients with ...
… of the third USENIX Conference on …, 1997
The rapid increase in the Internet's connectivityhas lead to proportional increase in the de... more The rapid increase in the Internet's connectivityhas lead to proportional increase in the developmentof Web-based applications. Usage of downloadablecontent has proved effective in a numberof emerging applications including electronic commerce,software components on-demand, and collaborativesystems. In all these cases, Internet useragents (like browsers, tuners) are widely used by theclients to utilize and execute such downloadable content.With this new technology of using...
IBM Systems Journal, 2000
As e-business matures, companies require enterprise-scalable functionality for their corporate In... more As e-business matures, companies require enterprise-scalable functionality for their corporate Internet and intranet environments. To support the expansion of their computing boundaries, businesses have embraced Web application servers. These servers support servlets, JavaServer Pages,, and Enterprise JavaBeans, technologies, providing simplified development and ˉexible deployment of Web-based applications. However, securing this malleable model presents a challenge. Successful companies recognize that their
IBM Systems Journal, 2000
... Architecture** (MDA**) 2,3 approach to separate the platform-independent model of the applica... more ... Architecture** (MDA**) 2,3 approach to separate the platform-independent model of the applicationarchitecture from the ... Managing a secure on demand business is an ongoing learning experience. ... the tasks within the life-cycle phases in order to accomplish the business goals. ...
OGSA Security WG, Global Grid Forum, Jul 1, 2002
This document is a roadmap enumerating a set of proposed specifications to be defined in the Glob... more This document is a roadmap enumerating a set of proposed specifications to be defined in the Global Grid Forum in order to ensure interoperable implementations of the OGSA Security Architecture. The specifications in this roadmap leverage existing and emerging Web Services security specifications.
Open Grid Service Architecture Security Working Group, Global Grid Forum, Jul 17, 2002
This document proposes a strategy for addressing security within the Open Grid Services Architect... more This document proposes a strategy for addressing security within the Open Grid Services Architecture (OGSA). It defines a comprehensive Grid security architecture that supports, integrates and unifies popular security models, mechanisms, protocols, platforms and technologies in a way that enables a variety of systems to interoperate securely. This security architecture is intended to be consistent with the security model that is currently being defined for the Web services framework used to realize OGSA's service-oriented ...
Conference on Object-Oriented Technologies and Systems, 1998
SDM is a Secure Delegation Model for Java-based distributed object environments. SDM extends curr... more SDM is a Secure Delegation Model for Java-based distributed object environments. SDM extends current Java security features to support secure remote method invocations that may involve chains of delegated calls across distributed objects. The framework supports a control API for application developers to specify mechanisms and security policies surrounding simple or cascaded delegation. Delegation may also be disabled and optionally
Lecture Notes in Computer Science, 1998
PrincipalDomain is an administrative scoping construct for establishing security policies based o... more PrincipalDomain is an administrative scoping construct for establishing security policies based on the principals invoking object services that may entail objects moving around a network to accomplish their task. The privi- leges attached to the principal determines the privileges of those mobile objects, which effectively defines the ac- cess control rules for any resource the object might re- quest. These objects may cooperate by delegating sub- tasks to other objects. During the process of delega- tion, when one object (initiator) authorizes another ob- ject (delegate) to perform some task, the attached priv- ileges might be passed on from initiator to the delegate to accomplish the task. Support for roles is used to im- prove manageability by adding an optional level of indi- rection. Role-based access control and delegation pro- vides a higher level of granularity than approaches lim- ited only to individuals. In this paper, we describe a pro- posed protection mechanism based on code-executing principals exercising their privileges via role constructs, and building delegation framework over this infrastruc- ture. This mechanism extends current Java security fea- tures to support principals, roles and delegation. The framework supports a control API for application devel- opers to specify mechanisms and security policies.
Distributed Systems Engineering, 1998
IEEE International Conference on Web Services (ICWS'05), 2005
... Jim Basney National Center for Supercomputing Applications, University of Illinois jbasney@nc... more ... Jim Basney National Center for Supercomputing Applications, University of Illinois jbasney@ncsa.uiuc.edu ... and the contribution of our own open source WS-Trust [2] implementation Interoperability, as shown through the successful interaction of our .NET and Java clients with ...
… of the third USENIX Conference on …, 1997
The rapid increase in the Internet's connectivityhas lead to proportional increase in the de... more The rapid increase in the Internet's connectivityhas lead to proportional increase in the developmentof Web-based applications. Usage of downloadablecontent has proved effective in a numberof emerging applications including electronic commerce,software components on-demand, and collaborativesystems. In all these cases, Internet useragents (like browsers, tuners) are widely used by theclients to utilize and execute such downloadable content.With this new technology of using...
IBM Systems Journal, 2000
As e-business matures, companies require enterprise-scalable functionality for their corporate In... more As e-business matures, companies require enterprise-scalable functionality for their corporate Internet and intranet environments. To support the expansion of their computing boundaries, businesses have embraced Web application servers. These servers support servlets, JavaServer Pages,, and Enterprise JavaBeans, technologies, providing simplified development and ˉexible deployment of Web-based applications. However, securing this malleable model presents a challenge. Successful companies recognize that their
IBM Systems Journal, 2000
... Architecture** (MDA**) 2,3 approach to separate the platform-independent model of the applica... more ... Architecture** (MDA**) 2,3 approach to separate the platform-independent model of the applicationarchitecture from the ... Managing a secure on demand business is an ongoing learning experience. ... the tasks within the life-cycle phases in order to accomplish the business goals. ...
OGSA Security WG, Global Grid Forum, Jul 1, 2002
This document is a roadmap enumerating a set of proposed specifications to be defined in the Glob... more This document is a roadmap enumerating a set of proposed specifications to be defined in the Global Grid Forum in order to ensure interoperable implementations of the OGSA Security Architecture. The specifications in this roadmap leverage existing and emerging Web Services security specifications.
Open Grid Service Architecture Security Working Group, Global Grid Forum, Jul 17, 2002
This document proposes a strategy for addressing security within the Open Grid Services Architect... more This document proposes a strategy for addressing security within the Open Grid Services Architecture (OGSA). It defines a comprehensive Grid security architecture that supports, integrates and unifies popular security models, mechanisms, protocols, platforms and technologies in a way that enables a variety of systems to interoperate securely. This security architecture is intended to be consistent with the security model that is currently being defined for the Web services framework used to realize OGSA's service-oriented ...