欢迎来到天天文库
浏览记录
ID:7266722
大小:83.45 KB
页数:5页
时间:2018-02-09
《a trust based delegation system for managing access control》由会员上传分享,免费在线阅读,更多相关内容在工程资料-天天文库。
1、ATRUSTBASEDDELEGATIONSYSTEMFORMANAGINGACCESSCONTROLRainerSteffen,RudiKnorr*AbstractTrustisconsideredtobeapowerfulapproachformanagingaccesscontrolinpervasivecomputingscenarios.Weintroduceanoveldelegationsystemthatdescribesdigitaltrustbetweenusersbymeansofcryptog
2、raphicallysecuredtokens.Thedelegationsystemisorganizedbytheusersthemselvesinafullydistributedmanner.Acentralinstancelikeapublickeyinfrastructureisnotrequired.Thesystemsupportsanonymity,providesahighusabilityandissuitableforusewithinpervasivecomputingscenarios.1
3、.IntroductionSecuritymanagementinpervasivecomputingscenariosisachallengingtask.Wehavetocopewithdynamicandheterogeneousnetworks,alargenumberofdifferentdevices,usersandservices.Toenableasecurecollaborationbetweenalltheactors,anefficientaccesscontrolisessential.In
4、traditionalcomputerandcommunicationnetworks,accesscontrolismostlymanagedbystaticaccesscontrollists(ACLs).TheseACLscontaininformationabouttheobjectsthathavetobeprotected(e.g.datafilesorservices)andthesubjects(e.g.users)whichhavetherighttoaccesstheseobjects.Manag
5、ementofaccesscontrolbyACLspresumesthattheobjectshaveknowledgeaboutallthepotentialsubjects,whichmightaccesstheobject.Infuturepervasivescenarios,thiskindofaccesscontrolmechanismisunsuitable.FirstlytheadministrativeoverheadformanagingtheACLsinadynamicscenariowitha
6、multitudeofdevices,usersandservicesisincreasingtremendously.Secondlythereisnosupportofunknowndevicesandusersastheycanappearinpervasiveandad-hocnetworks.Apowerfulapproachtoovercometheseproblemsisdeliveredbythetrust-paradigm.InsteadoforinadditiontoaninflexibleACL
7、configuration,trustrelationshipsbetweentheusersareutilizedtogainaccesstotheobjects.Thegoalistomapthenaturaltrustbetweenhumanstothedigitalworld.Oneofthetrustapproachesistheso-calleddelegationsystemwhichenablesuserstoexpressandenforcethetrusttheyhaveinothersbymea
8、nsofdigitaltrusttokens.Inthefollowingweelaborateanovelanduser-friendlytrustbaseddelegationsystemthatissuitablefortheusewithinpervasivecomputingscenarios.Thispaperisorganized
此文档下载收益归作者所有