科技报告详细信息
Distributed authorization using delegation with acyclic paths
Lain, Antonio ; Mowbray, Miranda
HP Development Company
关键词: trust management;    SmartFrog;   
RP-ID  :  HPL-2006-30R1
学科分类:计算机科学(综合)
美国|英语
来源: HP Labs
PDF
【 摘 要 】

We present a new trust management scheme for distributed authorization which can be easily implemented using X.509-based certificate chains, but does not require globally unique role names. A principal proves that he has authorization for a particular action by demonstrating the existence of an acyclic chain of bindings from a specified principal to himself, where the sequence of labels in the chain matches a template. This template is in an easily- computed subset of regular path expressions. Our restrictions to acyclic paths and to a subset of path expressions enable us to permit controlled delegation, relax the requirement of global agreement on role names, and provide an intuitive abstraction. We show that some useful security properties can be determined in polynomial time. Our scheme has been used in practice to secure a management framework for distributed components: we give an overview of the implementation. 13 Pages

【 预 览 】
附件列表
Files Size Format View
RO201804100001346LZ 322KB PDF download
  文献评价指标  
  下载次数:16次 浏览次数:28次