Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
POLICY
2009
Springer
2009
Springer
Abductive Authorization Credential Gathering
A central task in the context of logic-based decentralized authorization languages is that of gathering credentials from credential providers, required by the resource guard’s policy to grant a user’s access request. This paper presents an abduction-based algorithm that computes a specification of missing credentials without communicating with remote credential providers. The specification is used to gather credentials from credential providers in a single pass, without involving any communication with the resource guard. The credentials gathered thus are pushed to the resource guard at authorization time. This approach decouples authorization from credential gathering, and, in comparison to server-side pull methods, reduces the number of messages sent between participants, and allows for environments in which some credential providers are unknown or unavailable to the resource guard at authorization time.
Real-time Traffic| Added | 27 May 2010 |
| Updated | 27 May 2010 |
| Type | Conference |
| Year | 2009 |
| Where | POLICY |
| Authors | Moritz Y. Becker, Jason F. Mackay, Blair Dillaway |
Comments (0)
Researcher Info
|
