In Distributed Access Control System Project Report we present a decentralized access control system based on authorization certificates. The system is designed to be scalable,provide high availability and overcome the problem of SPOF (Single Point of Failure) that is characteristic of a centralized access control system. We also describe a method to decentralize the Certificate Store. The system is designed to provide the user with node transparency - the user can connect to any AC (access control) node to gain access to the distributed system.
Internet enables global sharing of resources across organizational boundaries. In the domain of resource sharing, distributed systems offer many advantages. These systems are fault tolerant, provide faster access and high availability, have low setup cost and are tremendously scalable. However, an organization has many types of resources and often organizations can only offer selective
role-based access to some or all of its resources. Hence, there is a need of a light-weight access control system that can be used to validate users and provide access based on the assigned privileges.
A Distributed Access Control System (DACS) is such a system that provides access control for resources spread out at multiple locations. Most traditional implementations of DACS are based on a centralized control server that acts as intermediary between the end user and the distributed system. All requests for resources by a client are processed by DACS and the server provides access based on the permissions stored at the server. However, due to a centralized model, the existing centralized access control
mechanisms fail to provide scalability and high availability, the very essential features that form the base of Cloud Computing.
Hence, a decentralized scalable model for DACS is required. The model should overcome the problem of SPOF ((Single Point of Failure) and hence some redundancy has to be added. We use digital signatures to sign the certificates for correctly isdentifying a valid certificate. Digital Signature Algorithm based on RSA is used for signing the certificate. Certificates are issued to clients in encrypted format. Since , RSA cant handle encrypt large plaintext messages, AES 16-bit encryption algorithm is used to encrypt
the certificate data and sent along with the corresponding AES key encrypted with RSA public key of the destination.
Design a scalable, fault tolerant, decentralized access control system that provides fast access and high availability. The design should overcome the problem of SPOF (Single Point of Failure).
Download Distributed Access Control System Project Report