Sciweavers

ICDCS
2002
IEEE

Reasoning about Joint Administration of Access Policies for Coalition Resources

14 years 5 months ago
Reasoning about Joint Administration of Access Policies for Coalition Resources
We argue that joint administration of access policies for a dynamic coalition formed by autonomous domains requires that these domains set up a coalition authority that distributes attribute certificates authorizing access to policy objects (e.g., ACLs). Control over the issuance of such certificates is retained by member domains separately holding shares of the joint coalition authority’s private key with which they sign the attribute certificates. Hence, any (proper) subset of the member domains need not be trusted to protect the private key. However, application servers that implement joint administration of access policies based on attribute certificates must trust all the signers of those certificates, namely all member domains of the coalition. To capture these trust relations we extend existing access control logics and show that the extensions are sound. To reason about joint administration of access policies, we illustrate an authorization protocol in our logic for accessin...
Himanshu Khurana, Virgil D. Gligor, John Linn
Added 14 Jul 2010
Updated 14 Jul 2010
Type Conference
Year 2002
Where ICDCS
Authors Himanshu Khurana, Virgil D. Gligor, John Linn
Comments (0)