An architecture for practical delegation in a distributed system

1 January 1990

conference paper
conference paper
Published by Institute of Electrical and Electronics Engineers (IEEE)

p. 20-30
https://doi.org/10.1109/risp.1990.63835

Abstract

A practical technique for delegation is described. It provides both cryptographic assurance that a delegation was authorized and authentication of the delegated systems, thereby allowing reliable access control as well as precise auditing of the systems involved in every access. It goes further than other approaches for delegation in that it also provides termination of a delegation on demand (as when the user logs out) with the assurance that the delegated systems, if subsequently compromised, cannot continue to act on the user's behalf. Delegation and revocation are provided by a simple mechanism that does not rely on online trusted servers.

Keywords

This publication has 9 references indexed in Scilit:

An axiomatic basis of trust in distributed systems
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2003
Cascaded authentication
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2003
Practical authentication for distributed computing
Published by Institute of Electrical and Electronics Engineers (IEEE) ,1990
Authentication and discretionary access control in computer networks
Computers & Security, 1986
A Global Authentication Service without Global Trust
Published by Institute of Electrical and Electronics Engineers (IEEE) ,1986
A Password-Capability System
The Computer Journal, 1986
Security Kernel Design and Implementation: An Introduction
Computer, 1983
Object representation on a heterogeneous network
ACM SIGOPS Operating Systems Review, 1982
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM, 1978

Cited by 100 articles