This paper presents a new trust management scheme for distributed authorization which can be easily implemented using X.509-based certificate chains, but does not require globally unique role names. A principal proves that he has authorization for a particular action by demonstrating the existence of an acyclic chain of bindings from a specified principal to himself, where the sequence of labels in the chain matches a template. This template is in an easily-computed subset of regular path expressions. The restrictions to acyclic paths and to a subset of path expressions enable us to permit controlled delegation, relax the requirement of global agreement on role names, and provide an intuitive abstraction.
Did you find this white paper useful?
6 out of 13 users found this white paper useful
Related white papers
Authoring Systems for Courseware Development: What Should Beginners Look for?
This paper is an introduction to courseware authoring systems, which are defined as software devised for an instructional environment that simplifies courseware development. The process of courseware authoring is described...
Implementing Microsoft Office SharePoint Server 2007 and Windows SharePoint Services 3.0 Solutions
When one begins implementing a solution based on Microsoft Office SharePoint Server (MOSS) 2007 or Windows SharePoint Services on a new server, he or she may seek comprehensive guidelines to...
JSFTemplating and Woodstock: Component Authoring Made Easy
In a recent paper, JSFTemplating was applied to writing JavaServer Faces components. That article presents a simple way to develop a JavaServer Faces component Renderer, moving the markup for a...
Collaborative Example Authoring System: The Value of Re-Annotation Based on Community Feedback
Learning from examples is a common and powerful approach when mastering the art of programming. In the classroom studies of WebEx and NavEx, students highly praised the systems. However, the...
TechNet Webcast: Workflow in Microsoft SharePoint Products and Technologies 2007: Out-of-the-Box and Creating Custom Workflows (Level 200)
This webcast discusses the integration of Windows Workflow Foundation into Windows SharePoint Services version 3.0; how workflows are designed, stored, and used; and which capabilities are enhanced by taking advantage...
A Cloze Test Authoring System and Its Automation
This paper presents a pilot system and discusses its possible extensions. The paper presents a web-based test authoring system for English grammar and vocabulary. It assists language teachers to make...
An Efficient Object-Oriented Authoring and Presentation System for Virtual Environments
This paper describes the design and implementation of a multi-purpose object-oriented authoring system for interactive virtual environments and presentations, semi-interactive 3D visualization, and non-interactive photorealistic animations. Its main design criteria...
