Active Certificates: A Framework for Delegation
نویسندگان
چکیده
In this paper, we present a novel approach to delegation in computer systems. We exploit mobile code capabilities of today’s systems to build active certificates: cryptographically signed mobile agents that implement delegation policy. Active certificates arrive at a new combination of properties, including expressivity, transparency, and offline operation, that is not available in existing systems. These properties make active certificates powerful tools to express delegation. Active certificates can also be used as a mechanism to implement complex policy systems, such as public key infrastructures; systems built in this way are easily extensible and interoperable. A prototype implementation of active certificates has been built as part of the Ninja [17] project.
منابع مشابه
Using Trust for Restricted Delegation in Grid Environments
Delegation is an important tool for authorization in large distributed environments. However, current delegation mechanisms used in emerging Grids have problems to allow for flexible and secure delegation. This paper presents a framework to realize restricted delegation using a specific attribute certificate with trust value in grid environments. The framework employs attribute certificates to ...
متن کاملEfficient Verification of Delegation in Distributed Group Membership Management
In ad-hoc networks and other highly distributed and decentralized environments, authorization certificates can be used to control access. Moreover, it is possible to delegate rights listed in the certificate to another users. Several such subsequent delegations build a chain of certificates. Chains of delegation certificates can improve the capability and manageability of systems. Distributed g...
متن کاملOn the Structure of Delegation Networks
In new distributed, key-oriented access control systems such as SPKI, access right are delegated by a freely formed network of certificates. We formalize the concept of a delegation network and present a formal semantics for the delegation of access rights with certificates. The certificates can have multiple subjects who must co-operate to use the authority. Some fundamental properties of the ...
متن کاملA Representation Model of Trust Relationships with Delegation Extensions
Logic languages establish a formal framework to solve authorization and delegation conflicts. However, we consider that a visual representation is necessary since graphs are more expressive and understandable than logic languages. In this paper, and after overviewing previous works using logic languages, we present a proposal for graph representation of authorization and delegation statements. ...
متن کاملA Delegation Based Model for Distributed Trust
In this paper we outline an infrastructure that facilitates security and trust management in a multi-agent system. Our model eases the problem of authorization in a network of heterogeneous agents and also contains mechanisms for delegation of authorization information. The framework allows agents to exchange trust information using a series of Interaction Protocols based on FIPA (Foundation fo...
متن کامل