Authentication and authorization are crucial for ensuring the security of information systems. Role-based access control (RBAC) can act as an efficient method of managing authorization of system resources. In this paper, we apply identity-based signature (IBS) technique to cryp-tographically provide user authentication and role-based authorization. To achieve this, we first extend the RBAC model to incorporate identity-based cryptography. Our access control architecture is derived from an identity-based signature scheme on bilinear pairings and eliminates the use of digital certificates. In our suggestion, the manager checks the validity of a user's identity and user's activated roles simultaneously by verifying a corresponding signature, thus the user authentication and role-based authorization procedures can be combined into one operation. We also prove the security of the proposed scheme in the random oracle model.
展开▼
