{"title":"联合资源准入政策的联合管理推理","authors":"H. Khurana, V. Gligor, J. Linn","doi":"10.1109/ICDCS.2002.1022281","DOIUrl":null,"url":null,"abstract":"We argue that joint administration of access policies for a dynamic coalition formed by autonomous domains requires that these domains set up a coalition authority that distributes attribute certificates authorizing access to policy objects (e.g., ACLs). Control over the issuance of such certificates is retained by member domains separately holding shares of the joint coalition authority's private key with which they sign the attribute certificates. Hence, any (proper) subset of the member domains need not be trusted to protect the private key. However, application servers that implement joint administration of access policies based on attribute certificates must trust all the signers of those certificates, namely all member domains of the coalition. To capture these trust relations we extend existing access control logics and show that the extensions are sound. To reason about joint administration of access policies, we illustrate an authorization protocol in our logic for accessing policy objects using threshold attribute certificates.","PeriodicalId":186210,"journal":{"name":"Proceedings 22nd International Conference on Distributed Computing Systems","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2002-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"28","resultStr":"{\"title\":\"Reasoning about joint administration of access policies for coalition resources\",\"authors\":\"H. Khurana, V. Gligor, J. Linn\",\"doi\":\"10.1109/ICDCS.2002.1022281\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We argue that joint administration of access policies for a dynamic coalition formed by autonomous domains requires that these domains set up a coalition authority that distributes attribute certificates authorizing access to policy objects (e.g., ACLs). Control over the issuance of such certificates is retained by member domains separately holding shares of the joint coalition authority's private key with which they sign the attribute certificates. Hence, any (proper) subset of the member domains need not be trusted to protect the private key. However, application servers that implement joint administration of access policies based on attribute certificates must trust all the signers of those certificates, namely all member domains of the coalition. To capture these trust relations we extend existing access control logics and show that the extensions are sound. To reason about joint administration of access policies, we illustrate an authorization protocol in our logic for accessing policy objects using threshold attribute certificates.\",\"PeriodicalId\":186210,\"journal\":{\"name\":\"Proceedings 22nd International Conference on Distributed Computing Systems\",\"volume\":\"23 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2002-07-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"28\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 22nd International Conference on Distributed Computing Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICDCS.2002.1022281\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 22nd International Conference on Distributed Computing Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICDCS.2002.1022281","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Reasoning about joint administration of access policies for coalition resources
We argue that joint administration of access policies for a dynamic coalition formed by autonomous domains requires that these domains set up a coalition authority that distributes attribute certificates authorizing access to policy objects (e.g., ACLs). Control over the issuance of such certificates is retained by member domains separately holding shares of the joint coalition authority's private key with which they sign the attribute certificates. Hence, any (proper) subset of the member domains need not be trusted to protect the private key. However, application servers that implement joint administration of access policies based on attribute certificates must trust all the signers of those certificates, namely all member domains of the coalition. To capture these trust relations we extend existing access control logics and show that the extensions are sound. To reason about joint administration of access policies, we illustrate an authorization protocol in our logic for accessing policy objects using threshold attribute certificates.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
