Access control in an open distributed environment

Hayton, Richard; Bacon, Jean; Moody, Ken

doi:10.1109/secpri.1998.674819

Cited by 66 publications

(46 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…CODEX does not include an implementation for |= θ nor does it fix a representation for credentials. However, contemporary authorization engines, like SDSI [35], KeyNote [2] or the work of Hayton et al [23], do provide such implementations and could well be incorporated into CODEX. CODEX associates a separate authorization policy with each of the three operations it supports.…”

Section: Codex Integritymentioning

confidence: 99%

CODEX: a robust and secure secret distribution system

Marsh

Schneider

2004

IEEE Trans.Dependable and Secure Comput.

View full text Add to dashboard Cite

Abstract-CODEX (COrnell Data EXchange) stores secrets for subsequent access by authorized clients. It also is a vehicle for exploring the generality of a relatively new approach to building distributed services that are both fault-tolerant and attack-tolerant. Elements of that approach include: embracing the asynchronous (rather than synchronous) model of computation, use of Byzantine quorum systems for storing state, and employing proactive secret sharing with threshold cryptography for implementing confidentiality and authentication of service responses. Besides explaining the CODEX protocols, experiments to measure their performance are discussed.

show abstract

Section: Codex Integritymentioning

confidence: 99%

CODEX: a robust and secure secret distribution system

Marsh

Schneider

2004

IEEE Trans.Dependable and Secure Comput.

View full text Add to dashboard Cite

show abstract

“…The credential record reference (CRR) in the RMC allows the issuer and the CR to be located. Details of how the CR might be designed were given in [9]. [10] discussed engineering issues for OASIS implementations in administrative domains that span many individual services.…”

Section: Oasis Engineeringmentioning

confidence: 99%

Access Control and Trust in the Use of Widely Distributed Services

2001

View full text Add to dashboard Cite

Abstract. OASIS is a role-based access control architecture for achieving secure interoperation of independently managed services in an open, distributed environment. OASIS differs from other RBAC schemes in a number of ways: role management is decentralised, roles are parametrised, and privileges are not delegated. OASIS depends on an active middleware platform to notify services of any relevant changes in their environment. Services define roles and establish formally specified policy for role activation and service use; users must present the required credentials and satisfy specified constraints in order to activate a role or invoke a service. The membership rule of a role indicates which of the role activation conditions must remain true while the role is active. A role is deactivated immediately if any of the conditions of the membership rule associated with its activation become false. Instead of privilege delegation OASIS introduces the notion of appointment, whereby being active in certain roles carries the privilege of issuing appointment certificates to other users. Appointment certificates capture the notion of long lived credentials such as academic and professional qualification or membership of an organisation. The role activation conditions of a service may include appointment certificates, prerequisite roles and environmental constraints. We define the model and architecture and discuss engineering details, including security issues. We illustrate how an OASIS session can span multiple domains, and discuss how it can be used in a global environment where roving principals, in possession of appointment certificates, encounter and wish to use services. We propose a minimal infrastructure to enable widely distributed, independently developed services to enter into agreements to respect each other's credentials. We speculate on a further extension to mutually unknown, and therefore untrusted, parties. Each party will accumulate audit certificates which embody its interaction history and which may form the basis of a web of trust.

show abstract

“…If the community subject to this policy is small enough, then such enforcement can sometimes be carried out by employing a trusted third party (TTP) to function as a kind of reference monitor [1], which mediates all the interactions subject to it. This has been done by several projects [3,12], mostly in the context of distributed enterprise systems. But if the community is large, as is often the case over the internet, then the use of a single reference monitor is inherently unscalable, since it constitute a dangerous single point of failure, and could become a bottleneck if the system is large enough.…”

Section: Introductionmentioning

confidence: 99%

Regularity-Based Trust in Cyberspace

Minsky

2003

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. One can distinguish between two kinds of trust that may be placed in a given entity e (a person or a thing), which we call: familiarity-based trust and regularity-based trust. A familiarity-based trust in e is a trust based on personal familiarity with e, or on testimonial by somebody who is familiar, directly or indirectly, with e; or even on some measure of the general reputation of e. A regularity-based trust is based on the recognition that e belongs to a class, or a community, that is known to exhibits a certain regularity-that is, it is known that all members of this class satisfy a certain property, or that their behavior conforms to a certain law. These two types of trust play important, and complementary, roles in out treatment of the physical world. But, as we shall see, the role of regularity-based trust in out treatment of the cyberspace has been limited so far because of difficulties in establishing such trust it in this context. It is this latter kind of trust, which is the focus of this paper. We will describe a mechanism for establishing a wide range of regularity-based trusts, and will demonstrate the effectiveness of this mechanism, by showing how it can enhance the trustworthiness of a certain type of commercial client-server interactions over the internet.

show abstract

Access control in an open distributed environment

Cited by 66 publications

References 8 publications

CODEX: a robust and secure secret distribution system

CODEX: a robust and secure secret distribution system

Access Control and Trust in the Use of Widely Distributed Services

Regularity-Based Trust in Cyberspace

Contact Info

Product

Resources

About