Byline: Tinggang Xiong (1,2), Zhengding Lu (1), Jiahong Zhang (2), Zhong Ma (2) Keywords: distributed access control; quorum system; dependability; construction algorithm; TP 309 Abstract: Quorum system is a preferable model to construct distributed access control architecture, but not all quorum system can satisfy the requirements of distributed access control architecture. Aiming at the dependable problem of authorization server in distributed system and combining the requirements of access control, a set of criterions to select and evaluate quorum system is presented. The scheme and algorithm of constructing an authorization server system based on Paths quorum system are designed, and the integrated system performance under some servers attacked is fully analyzed. Role-based access control on the Web implemented by this scheme is introduced. Analysis shows that with certain node failure probability, the scheme not only has high dependability but also can satisfy the special requirements of distributed access control such as real-time, parallelism, and consistency of security policy. Author Affiliation: (1) School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, Hubei, China (2) Wuhan Digital and Engineering Institute, Wuhan, 430074, Hubei, China Article History: Registration Date: 11/05/2010 Received Date: 25/11/2009 Online Date: 13/05/2010 Article note: Foundation item: Supported by the National Natural Science Foundation of China (70771043, 60873225, 60773191) Biography: XIONG Tinggang, male, Professor, Ph. D. candidate, research direction: fault-tolerant computing and information security.