Abstract:
Large organizations often require different departments to collaborate efficiently for smooth and secure flow of information. So there is a need to devise a mechanism which allows multiple organizations or departments to share each other’s sensitive resources without breaching security mechanism in place. Dynamic delegation is a mechanism which can be used to create policies of limited duration to delegate certain access rights to others.
Our project “Access Right Delegation for Secure Group Information System” aims not only on providing authentication and authorization mechanism but Dynamic delegation as well. Authorized users, without the involvement of system administrator can 'Delegate' available resources and 'Revoke' these delegated rights at any time. This system is complemented with Policy Administration Point (PAP) which is user friendly interface, Policy Enforcement Point (PEP) which enforces decisions made by the Policy Decision Point (PDP). Using latest technologies like ‘Spring Framework’ and ‘Hibernate’ a generic code is designed which is robust and reusable.
