A Decentralized Authorization Architecture

12 years 4 months ago
A Decentralized Authorization Architecture
We present a decentralized authorization architecture based on capabilities in which parties are able to exercise full control over their resources or delegate it in an ad-hoc manner. In our architecture data objects are encrypted and capabilities are used to gain access to them directly. This makes possible to decouple data storage from access to the stored data. Our capabilities are also protected by encryption, so that they can be distributed even to principals not authorized to use them. Replication and distribution can therefore be used to increase the availability not only of the data objects but of the authorization architecture itself to cope with disconnections and, in general, to adapt to changes of network topology typical of loosely coupled systems such as peer-to-peer networks and collaborative systems.
Feike W. Dillema, Simone Lupetti, Tage Stabell-Kul
Added 02 Jun 2010
Updated 02 Jun 2010
Type Conference
Year 2007
Where AINA
Authors Feike W. Dillema, Simone Lupetti, Tage Stabell-Kulø
Comments (0)