dc.contributor.advisor | Springer, Gordon K. (Gordon Kent) | eng |
dc.contributor.author | Singh, Harcharan | eng |
dc.date.issued | 2011 | eng |
dc.date.submitted | 2011 Summer | eng |
dc.description | Title from PDF of title page (University of Missouri--Columbia, viewed on March 20, 2013). | eng |
dc.description | The entire thesis text is included in the research.pdf file; the official abstract appears in the short.pdf file; a non-technical public abstract appears in the public.pdf file. | eng |
dc.description | Thesis advisor: Dr. Gordon K. Springer | eng |
dc.description | Includes bibliographical references. | eng |
dc.description | M. S. University of Missouri--Columbia 2011. | eng |
dc.description | "July 2011" | eng |
dc.description.abstract | The current project is based, in part, on the use of Shibboleth to provide restricted access to resources via the web. These services and the incorporation of a separate Entitlement Server provide fine-grained access to protected resources. This project incorporates multiple Entitlement Servers to provide a robust authorization environment that can continue to operate in the event of server or network failures in the trusted environment. The design proposed in this project decentralizes the authorization process by running multiple entitlement server applications in the network. The project outlines a procedure of interaction between a service provider and the group of entitlement servers for performing the authorization of users. Multiple entitlement servers in the network help in achieving a fault tolerant and highly available authorization process. The authorization process can proceed when at least one entitlement server is present in the logical group. Each of the entitlement servers present in the group maintains enough information about the users to make detailed authorization decisions. An information synchronization methodology is utilized such that each of the entitlement servers has consistent data. The scalable architecture of the authorization process allows the addition of an additional entitlement server to the group on the fly. The design also considers the security risk factors so that any communication message between two entities is encrypted to avoid disclosure of the messages. | eng |
dc.format.extent | vii, 58 pages | eng |
dc.identifier.uri | http://hdl.handle.net/10355/33485 | |
dc.language | English | eng |
dc.publisher | University of Missouri--Columbia | eng |
dc.rights | OpenAccess. | eng |
dc.rights.license | This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 License. | |
dc.subject | Shibboleth | eng |
dc.subject | Entitlement Server | eng |
dc.subject | authorization environment | eng |
dc.subject | access restriction | eng |
dc.title | Fault tolerant and highly available entitlement server | eng |
dc.type | Thesis | eng |
thesis.degree.discipline | Computer science (MU) | eng |
thesis.degree.grantor | University of Missouri--Columbia | eng |
thesis.degree.level | Masters | eng |
thesis.degree.name | M.S. | eng |