Authorization in Distributed Systems : a New Approach 1
نویسنده
چکیده
In most existing systems, authorization is speciied using some low-level system-speciic mechanisms, e.g., protection bits, capabilities and access control lists. We argue that authorization is an independent semantic concept that must be separated from implementation mechanisms and given a precise semantics. We propose a logical approach to representing and evaluating authorization. Speciically, we introduce a language for specifying policy bases. A policy base encodes a set of authorization requirements and is given a precise semantics based upon a formal notion of authorization policy. The semantics is computable, thus providing a basis for authorization evaluation.
منابع مشابه
Access control in ultra-large-scale systems using a data-centric middleware
The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between sub-systems is increased, achieving more scalable and dynamic access control system becomes an im...
متن کاملDynamic Planning the Expansion of Electric Energy Distribution Systems Considering Distributed Generation Resources in the Presence of Power Demand Uncertainty
In this paper, a new strategy based on a dynamic (time-based) model is proposed for expansion planning of electrical energy distribution systems, taking into account distributed generation resources and advantage of the techno-economic approach. In addition to optimal placement and capacity, the proposed model is able to determine the timing of installation / reinforcement of expansion options....
متن کاملAuthorization in distributed systems: a formal approach
In most systems, authorization is speciied using some low-level system-speciic mechanisms, e.g. protection bits, capabilities and access control lists. We argue that authorization is an independent semantic concept that must be separated from implementation mechanisms and given a precise semantics. We propose a logical approach to representing and evaluating authorization. Speciically, we intro...
متن کاملA Distributed Authorization Language for Ambient Intelligence
Authorization is an open problem in Ambient Intelligence environments. The difficulty of implementing authorization policies lies in the open and dynamic nature of such environments. The information is distributed among various heterogeneous devices that collect, process, change, and share it. Previous work presented a fully distributed approach for reasoning with conflicts in ambient intellige...
متن کاملHybrid Regenerating Codes for Distributed Storage Systems
Distributed storage systems are mainly justified due to their ability to store data reliably over some unreliable nodes such that the system can have long term durability. Recently, regenerating codes are proposed to make a balance between the repair bandwidth and the storage capacity per node. This is achieved through using the notion of network coding approach. In this paper, a new variation ...
متن کامل