Towards More Controllable and Practical Delegation

Authors: Gang Yin, Huaimin Wang, Dianxi Shi, Haiya Gu

DOI: 10.1007/11560326_19

Abstract: Delegation is essential to the flexibility and scalability of trust management systems. But unrestricted delegation may result in privilege proliferation breach privacy information The models existing systems can not avoid transition, being lack effective constraints on propagation, which easily lead proliferation. In this paper, we propose a generalized constrained model (GCDM), uses typed privileges control potential restricts propagation scope trees by novel constraint mechanism named spacial constraints. This paper also designs rule-based language REAL05 express policies semantics for GCDM. supports flexible while subsequent delegations. Comprehensive samples simulation results show that our approach more controllable practical.

References (21)
Angelos D. Keromytis, John Ioannidis, Joan Feigenbaum, Matt Blaze, The KeyNote trust management system version 2. IETF RFC 2704 (1999)
Babak Sadighi Firozabadi, Marek Sergot, Olav Bandmann, Using Authority Certificates to Create Management Structures. International Workshop on Security, pp. 134-145 (2001), 10.1007/3-540-45807-7_21
P.C. Kanellakis, G.M. Kuper, P.Z. Revesz, Constraint Query Languages. Journal of Computer and System Sciences, vol. 51, pp. 26-52 (1995), 10.1006/JCSS.1995.1051
Ninghui Li, John C. Mitchell, DATALOG with Constraints: A Foundation for Trust Management Languages. Practical Aspects of Declarative Languages, pp. 58-73 (2003), 10.1007/3-540-36388-2_6
P. Sewell, M.Y. Becker, Cassandra: flexible trust management, applied to electronic health records. IEEE Computer Security Foundations Symposium, pp. 139-154 (2004), 10.1109/CSFW.2004.7
Huai-min Wang, Yan Jia, Dian-xi Shi, Gang Yin, Meng Teng, An Authorization Framework Based on Constrained Delegation. Parallel and Distributed Processing and Applications, pp. 845-857 (2004), 10.1007/978-3-540-30566-8_98
A. Keromytis, M. Blaze, J. Feigenbaum, J. Ioannidis, The KeyNote Trust-Management System Version 2. RFC, vol. 2704, pp. 1-37 (1999)
M.R. Schroeder, Models of hearing. Proceedings of the IEEE, vol. 63, pp. 1332-1350 (1975), 10.1109/PROC.1975.9941
Ninghui Li, Benjamin N. Grosof, Joan Feigenbaum, Delegation logic. ACM Transactions on Information and System Security, vol. 6, pp. 128-171 (2003), 10.1145/605434.605438
Butler Lampson, Martín Abadi, Michael Burrows, Edward Wobber, Authentication in distributed systems. ACM Transactions on Computer Systems, vol. 10, pp. 265-310 (1992), 10.1145/138873.138874