This paper presents a new trust management scheme for distributed authorization which can be easily implemented using X.509-based certificate chains, but does not require globally unique role names. A principal proves that he has authorization for a particular action by demonstrating the existence of an acyclic chain of bindings from a specified principal to himself, where the sequence of labels in the chain matches a template. This template is in an easily-computed subset of regular path expressions. The restrictions to acyclic paths and to a subset of path expressions enable us to permit controlled delegation, relax the requirement of global agreement on role names, and provide an intuitive abstraction.
Did you find this white paper useful?
6 out of 13 users found this white paper useful
Related white papers
Measurement Process Effectiveness Assessment Framework
This paper presents a framework for quantifying the effectiveness of a measurement program through a set of periodic assessment activities that are integrated into the measurement process. Measurement effectiveness is...
Automatic Synthesis of Multi-Tasking Implementations from Real-Time Object-Oriented Models
In this paper we present an approach towards automatic synthesis of implementations from real-time object-oriented design models. From an application design model that addresses the functional requirements of the system,...
Guidelines for Automated Implementation of Executable Object Oriented Models for Real-Time Embedded Control Systems
In this paper we present our experiences in applying real-time scheduling theory to embedded control systems designed using ROOM (Real-time Object Oriented Modeling) methodology. ROOM has originated from the telecommunications...
Optimal Reward-Based Scheduling for Periodic Real-Time Tasks
Reward-based scheduling refers to the problem in which there is a reward associated with the execution of a task. In our framework, each real-time task comprises a mandatory and an...
Practical Design Issues of Web Based Instruction
The use of the World Wide Web is growing at an exponential rate. Estimates of the usage increase range from 6% to 20%. In the training world, usage for training...
Scalable Real-Time System Design using Preemption Thresholds
The maturity of schedulabilty analysis techniques for fixed-priority preemptive scheduling has enabled the consideration of timing issues at design time using a specification of the tasking architecture and estimates of...
Scheduling Fixed-Priority Tasks with Preemption Threshold: An Attractive Technology?
While it is widely believed that preemptibility is a necessary requirement for developing real-time software, there are additional costs involved with preemptive scheduling, as compared to non-preemptive scheduling. Furthermore, in the...
