xDomain: cross-border proofs of access

12 years 4 months ago
xDomain: cross-border proofs of access
A number of research systems have demonstrated the benefits of accompanying each request with a machine-checkable proof that the request complies with access-control policy — a technique called proof-carrying authorization. Numerous authorization logics have been proposed as vehicles by which these proofs can be expressed and checked. A challenge in building such systems is how to allow delegation between institutions that use different authorization logics. Instead of trying to develop the authorization logic that all institutions should use, we propose a framework for interfacing different, mutually incompatible authorization logics. Our framework provides a very small set of primitives that defines an interface for communication between different logics without imposing any fundamental constraints on their design or nature. We illustrate by example that a variety of different logics can communicate over this interface, and show formally that supporting the interface does no...
Lujo Bauer, Limin Jia, Michael K. Reiter, David Sw
Added 28 May 2010
Updated 28 May 2010
Type Conference
Year 2009
Authors Lujo Bauer, Limin Jia, Michael K. Reiter, David Swasey
Comments (0)