Sciweavers

Share
SACMAT
2004
ACM

Towards a credential-based implementation of compound access control policies

12 years 5 months ago
Towards a credential-based implementation of compound access control policies
We describe a layered approach to access control for distributed and interoperable computing systems. Firstly, compound access control policies are conceptually specified, using the policy algebra proposed by Bonatti/Capitani di Vimercati/Samarati. Secondly, SPKI/SDSI is exploited to implement and to enforce a policy specification by means of credentials. Therefore, SPKI/SDSI is slightly extended, in particular in order to deal with the subtraction operator of the algebra and to allow algebraic expressions over local names as subjects in authorization certificates. Besides presenting the overall approach, the paper elaborates some details for a still powerful fraction of the policy algebra, thereby examining the correctness of the credential-based implementation.
Joachim Biskup, Sandra Wortmann
Added 30 Jun 2010
Updated 30 Jun 2010
Type Conference
Year 2004
Where SACMAT
Authors Joachim Biskup, Sandra Wortmann
Comments (0)
books