DELEGATING AUTHORITY IN A DISTRIBUTED INFORMATION MANAGEMENT SYSTEM

Kareem S. Aggour, Barbara J. Vivier, Janet A. Barnett

Abstract

The need to manage large information repositories in a secure, distributed environment increases with the growth of the Internet. To address this need, a system capable of managing the contents of an LDAP directory over the Web has been designed and developed. This system allows for the directory’s data to be divided into communities and supports the delegation of administrative authority over those communities to a distributed set of administrators. The communities may be subdivided recursively into subgroups, and rights over those subgroups also may be restricted. Thus, system administrators can dynamically delegate subsets of their permissions over a subset of their managed data, allowing for the flexible and effective control of permissions over the data within distributed organizations. The system solves the delegated administration problem for managing the contents of an LDAP directory in a distributed environment. Today, it supports the administration of over 20 production directories by well over 2000 distributed administrators.

References

  1. Loshin, P. (2001). Single Sign-on. Retrieved January 19, 2004, from, http://www.computerworld.com/security topics/security/story/0,10801,57285,00.html
  2. Netegrity IdentityMinder: Overview. (n.d.). Retrieved October 9, 2003, from, http://www.netegrity.com/ products/products.cfm?page=IMoverview
  3. Oblix NetPoint. (n.d.). Retrieved October 9, 2003, from, http://www.oblix.com/products/netpoint/index.html
  4. Senf, D. (2003). Identity Management: Securing Your E-Business Future. Retrieved January 19, 2004, from, http://www2.cio.com/ analyst/report940.html
  5. Sun ONE Directory Server 5.2. (n.d.). Retrieved October 9, 2003, from, http://wwws.sun.com/software/ products/directory_srvr/home_directory.html
  6. Weltman, R. & Dahbura, T. (2000). LDAP Programming with Java, Addison-Wesley, Reading, MA
Download


Paper Citation


in Harvard Style

S. Aggour K., J. Vivier B. and A. Barnett J. (2004). DELEGATING AUTHORITY IN A DISTRIBUTED INFORMATION MANAGEMENT SYSTEM . In Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 1: ICEIS, ISBN 972-8865-00-7, pages 155-162. DOI: 10.5220/0002602801550162


in Bibtex Style

@conference{iceis04,
author={Kareem S. Aggour and Barbara J. Vivier and Janet A. Barnett},
title={DELEGATING AUTHORITY IN A DISTRIBUTED INFORMATION MANAGEMENT SYSTEM},
booktitle={Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 1: ICEIS,},
year={2004},
pages={155-162},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002602801550162},
isbn={972-8865-00-7},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 1: ICEIS,
TI - DELEGATING AUTHORITY IN A DISTRIBUTED INFORMATION MANAGEMENT SYSTEM
SN - 972-8865-00-7
AU - S. Aggour K.
AU - J. Vivier B.
AU - A. Barnett J.
PY - 2004
SP - 155
EP - 162
DO - 10.5220/0002602801550162