Sciweavers

JCS
2008

Non-delegatable authorities in capability systems

13 years 11 months ago
Non-delegatable authorities in capability systems
We present a novel technique, known as the non-delegatable authority (NDA), for distributing authority to unconfined subjects in capability systems that prevents them from sharing the exact same authority that they have been given with anyone else. This feature is present in common systems based on access control lists (ACLs) in which one may hand out a permission without handing out the associated "grant" right, but has been thought to be impossible to express in capability systems until now. Consequently, we demonstrate that NDAs may be used to express ACL-like constructs and their basic pattern is directly applicable for implementing Multi-Level Security and identity-based access controls in the object-capability model. The extra complexity introduced by our NDA implementation can be hidden behind constructs that allow NDAs to be wielded as if they were ordinary capabilities to the target resource. These constructs cannot break the non-delegatability constraint and allow ...
Toby C. Murray, Duncan A. Grove
Added 13 Dec 2010
Updated 13 Dec 2010
Type Journal
Year 2008
Where JCS
Authors Toby C. Murray, Duncan A. Grove
Comments (0)