Sciweavers

WETICE
1998
IEEE

Authorization and Attribute Certificates for Widely Distributed Access Control

14 years 4 months ago
Authorization and Attribute Certificates for Widely Distributed Access Control
We describe a system whose purpose is to explore the use of certificates for the distributed management of access rights for resources that have multiple, independent, and geographically dispersed stakeholders. The stakeholders assert their use-conditions in authorization certificates and designate those trusted to attest to the corresponding attributes. These use-conditions implicitly define access groups through their requirement for certain attributes. All use-conditions must be satisfied simultaneously, so the actual access group is the intersection of all of the groups. A policy engine collects the use-condition certificates and attribute certificates when a user attempts to access a particular resource. If all of the use-conditions are met, a capability is generated for the resource. The policy engine can provide several different policy models depending on whether any relationship is established among the useconditions. The system architecture and implementation is described, t...
William E. Johnston, Srilekha Mudumbai, Mary R. Th
Added 05 Aug 2010
Updated 05 Aug 2010
Type Conference
Year 1998
Where WETICE
Authors William E. Johnston, Srilekha Mudumbai, Mary R. Thompson
Comments (0)