Non-delegatable authorities in capability systems

نویسندگان

  • Toby C. Murray
  • Duncan A. Grove
چکیده

We present a novel technique, known as the non-delegatable authority (NDA), for distributing authority to unconfined subjects in capability systems that prevents them from sharing the exact same authority that they have been given with anyone else. This feature is present in common systems based on access control lists (ACLs) in which one may hand out a permission without handing out the associated “grant” right, but has been thought to be impossible to express in capability systems until now. Consequently, we demonstrate that NDAs may be used to express ACL-like constructs and their basic pattern is directly applicable for implementing Multi-Level Security and identity-based access controls in the object-capability model. The extra complexity introduced by our NDA implementation can be hidden behind constructs that allow NDAs to be wielded as if they were ordinary capabilities to the target resource. These constructs cannot break the non-delegatability constraint and allow NDAs to be used effectively, although with less efficiency than delegatable authorities.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A non-delegatable identity-based strong designated verifier signature scheme

A non-delegatable identity-based strong designated verifier signature scheme Bin Wang Information Engineering College of Yangzhou University Yangzhou City, Jiangsu Province, 225009, P.R.China E-mail:[email protected] Abstract: In a strong designated verifier signature scheme, no third party can verify the validity of a signature. On the other hand, non-delegatability, proposed by Lipmaa, Wang an...

متن کامل

A Non-delegatable Identity-based Designated Verifier Signature Scheme without Bilinear Pairings

Up to now, several non-delegatable identity-based (strong) designated verifier signature schemes using bilinear pairings are proposed. In these identity-based (strong) designated verifier signature schemes, bilinear pairings are employed either in signing and verifying steps or only in the verifying step. However, the computation cost of pairings at a security level equivalent to a 128-bit symm...

متن کامل

Randomizable Proofs and Delegatable Anonymous Credentials

We construct an efficient delegatable anonymous credentials system. Users can anonymously and unlinkably obtain credentials from any authority, delegate their credentials to other users, and prove possession of a credential L levels away from a given authority. The size of the proof (and time to compute it) is O(Lk), where k is the security parameter. The only other construction of delegatable ...

متن کامل

Functional Encryption: Decentralized and Delegatable

Recent advances in encryption schemes have allowed us to go far beyond point to point encryption, the scenario typically envisioned in public key encryption. In particular, Functional Encryption (FE) allows an authority to provide users with keys corresponding to various functions, such that a user with a secret key corresponding to a function f , can compute f(m) (and only that) from a cipher-...

متن کامل

Revocation for Delegatable Anonymous Credentials

This paper introduces and formalizes homomorphic proofs that allow ‘adding’ proofs and proof statements to get a new proof of the ‘sum’ statement. Additionally, we introduce a construction of homomorphic proofs, and show an accumulator scheme with delegatable non-membership proofs (ADNMP) as one of its applications with provable security. Finally, the proposed accumulator method extends the BCC...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Journal of Computer Security

دوره 16  شماره 

صفحات  -

تاریخ انتشار 2008