Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ESORICS
2007
Springer
2007
Springer
Efficient Proving for Practical Distributed Access-Control Systems
We present a new technique for generating a formal proof that an access request satisfies accesscontrol policy, for use in logic-based access-control frameworks. Our approach is tailored to settings where credentials needed to complete a proof might need to be obtained from, or reactively created by, distant components in a distributed system. In such contexts, our approach substantially improves upon previous proposals in both computation and communication costs, and better guides users to create the most appropriate credentials in those cases where needed credentials do not yet exist. At the same time, our strategy offers strictly superior proving ability, in the sense that it finds a proof in every case that previous approaches would (and more). We detail our method and evaluate an implementation of it using both policies in active use in an access-control testbed at our institution and larger policies indicative of a widespread deployment.
Real-time TrafficAccess Request Satisfies | Credentials | ESORICS 2007 | Logic-based Access-control Frameworks | Security Privacy |
Related Content
| Added | 16 Aug 2010 |
| Updated | 16 Aug 2010 |
| Type | Conference |
| Year | 2007 |
| Where | ESORICS |
| Authors | Lujo Bauer, Scott Garriss, Michael K. Reiter |
Comments (0)
Researcher Info
|
