東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

The Abacus: A New Approach to Author...

Siebach, Jacob Aaron Jess.

Linked to FindBook

Google Book

Amazon

博客來

The Abacus: A New Approach to Authorization.

Record Type:	Electronic resources : Monograph/item
Title/Author:	The Abacus: A New Approach to Authorization./
Author:	Siebach, Jacob Aaron Jess.
Published:	Ann Arbor : ProQuest Dissertations & Theses, : 2021,
Description:	91 p.
Notes:	Source: Masters Abstracts International, Volume: 83-05.
Contained By:	Masters Abstracts International83-05.
Subject:	Software. -
Online resource:	https://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=28810071
ISBN:	9798494456984

The Abacus: A New Approach to Authorization.
Siebach, Jacob Aaron Jess.

The Abacus: A New Approach to Authorization. - Ann Arbor : ProQuest Dissertations & Theses, 2021 - 91 p.

Source: Masters Abstracts International, Volume: 83-05.

Thesis (M.Sc.)--Brigham Young University, 2021.

This item must not be sold to any third party vendors.

The purpose of this thesis is to investigate the implementation of digital authorization for computer systems, specifically how to implement an efficient and secure authorization engine that uses policies and attributes to calculate authorization. The architecture for the authorization engine is discussed, the efficiency of the engine is characterized by various tests, and the security model is reviewed against other presently existing models. The resulting efforts showed an increase in efficiency of almost two orders of magnitude, along with a reduction in the amount of processing power required to run the engine.The main focus of the work is how to provide precise, performant authorization using policies and attributes in a way that does not require the authorization engine to break domain boundaries by directly accessing data stores. Specifically, by pushing attributes from source domains into the authorization service, domains do not require the authorization service to have access to the data stores of the domain, nor is the authorization service required to have credentials to access data via APIs. This model also allows for a significant reduction in data motion as attributes need only be sent over the network once (when the attribute changes) as opposed to every time that the engine needs the attribute or every time that an attribute cache needs to be refreshed, resulting in a more secure way to store attributes for authorization purposes.

ISBN: 9798494456984Subjects--Topical Terms:

619355
Software.

The Abacus: A New Approach to Authorization.
LDR:02539nmm a2200349 4500 001 2285405
005 20211129133358.5
008 220723s2021 ||||||||||||||||| ||eng d
020 $a 9798494456984
035 $a (MiAaPQ)AAI28810071
035 $a (MiAaPQ)BrighamYoung10230
035 $a AAI28810071
040 $a MiAaPQ $c MiAaPQ
100 1 $a Siebach, Jacob Aaron Jess. $3 3564736
245 1 4 $a The Abacus: A New Approach to Authorization.
260 1 $a Ann Arbor : $b ProQuest Dissertations & Theses, $c 2021
300 $a 91 p.
500 $a Source: Masters Abstracts International, Volume: 83-05.
500 $a Advisor: Giboney, Justin S. ;Hughes, Amanda L. ;Seamons, Kent E. .
502 $a Thesis (M.Sc.)--Brigham Young University, 2021.
506 $a This item must not be sold to any third party vendors.
520 $a The purpose of this thesis is to investigate the implementation of digital authorization for computer systems, specifically how to implement an efficient and secure authorization engine that uses policies and attributes to calculate authorization. The architecture for the authorization engine is discussed, the efficiency of the engine is characterized by various tests, and the security model is reviewed against other presently existing models. The resulting efforts showed an increase in efficiency of almost two orders of magnitude, along with a reduction in the amount of processing power required to run the engine.The main focus of the work is how to provide precise, performant authorization using policies and attributes in a way that does not require the authorization engine to break domain boundaries by directly accessing data stores. Specifically, by pushing attributes from source domains into the authorization service, domains do not require the authorization service to have access to the data stores of the domain, nor is the authorization service required to have credentials to access data via APIs. This model also allows for a significant reduction in data motion as attributes need only be sent over the network once (when the attribute changes) as opposed to every time that the engine needs the attribute or every time that an attribute cache needs to be refreshed, resulting in a more secure way to store attributes for authorization purposes.
590 $a School code: 0022.
650 4 $a Software. $2 gtt. $3 619355
650 4 $a Data integrity. $3 2142314
650 4 $a Security management. $3 3562413
650 4 $a Logic. $3 529544
650 4 $a Federal employees. $3 3564737
650 4 $a Design. $3 518875
650 4 $a Library resources. $2 fast $3 3389607
650 4 $a Grants. $3 3564738
650 4 $a Access control. $3 1458437
650 4 $a Access to materials. $3 3563450
650 4 $a Security systems. $3 767564
650 4 $a Interfaces. $2 gtt $3 834756
650 4 $a Computer science. $3 523869
690 $a 0395
690 $a 0389
690 $a 0729
690 $a 0984
690 $a 0454
710 2 $a Brigham Young University. $3 1017451
773 0 $t Masters Abstracts International $g 83-05.
790 $a 0022
791 $a M.Sc.
792 $a 2021
793 $a English
856 4 0 $u https://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=28810071