An architecture for practical delegation in a distributed system
- 1 January 1990
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
A practical technique for delegation is described. It provides both cryptographic assurance that a delegation was authorized and authentication of the delegated systems, thereby allowing reliable access control as well as precise auditing of the systems involved in every access. It goes further than other approaches for delegation in that it also provides termination of a delegation on demand (as when the user logs out) with the assurance that the delegated systems, if subsequently compromised, cannot continue to act on the user's behalf. Delegation and revocation are provided by a simple mechanism that does not rely on online trusted servers.Keywords
This publication has 9 references indexed in Scilit:
- An axiomatic basis of trust in distributed systemsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2003
- Cascaded authenticationPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2003
- Practical authentication for distributed computingPublished by Institute of Electrical and Electronics Engineers (IEEE) ,1990
- Authentication and discretionary access control in computer networksComputers & Security, 1986
- A Global Authentication Service without Global TrustPublished by Institute of Electrical and Electronics Engineers (IEEE) ,1986
- A Password-Capability SystemThe Computer Journal, 1986
- Security Kernel Design and Implementation: An IntroductionComputer, 1983
- Object representation on a heterogeneous networkACM SIGOPS Operating Systems Review, 1982
- A method for obtaining digital signatures and public-key cryptosystemsCommunications of the ACM, 1978