Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A Classification of Delegation Schemes for Attribute Authority
RISE, Swedish ICT, SICS.ORCID iD: 0000-0002-9246-4480
RISE, Swedish ICT, SICS.ORCID iD: 0000-0003-0231-8015
2007 (English)In: Formal Aspects in Security and Trust, Springer , 2007, 1, p. 158-169Chapter in book (Refereed)
Abstract [en]

Recently assertions have been explored as a generalisation of certificates within access control. Assertions are used to link arbitrary attributes (e.g. roles, security clearances) to arbitrary entities (e.g. users, resources). These attributes can then be used as identifiers in access control policies to refer to groups of users or resources. In many applications attribute management does not happen within the access control system. External entities manage attribute assignments and issue assertions that are then used in the access control system. Some approaches also allow for the delegation of attribute authority, in order to spread the administrative workload. In such systems the consumers of attribute assertions issued by a delegated authority need a delegation verification scheme. In this article we propose a classification for schemes that allow to verify delegated authority, with a focus on attribute assertion. Using our classification, one can deduce some advantages and drawbacks of different approaches to delegated attribute assertion. This work was carried out during the tenure of an ERCIM “Alain Bensoussan” Fellowship Programme.

Place, publisher, year, edition, pages
Springer , 2007, 1. p. 158-169
Series
Lecture Notes in Computer Science ; 4691
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:ri:diva-21154OAI: oai:DiVA.org:ri-21154DiVA, id: diva2:1041188
Note

Also appeared in The fourth international Workshop on Formal Aspects in Security and Trust (FAST2006), 26-27 August 2006, Hamilton, Ontario, Canada.

Available from: 2016-10-31 Created: 2016-10-31 Last updated: 2020-12-02Bibliographically approved

Open Access in DiVA

No full text in DiVA

Authority records

Rissanen, ErikSadighi, Babak

Search in DiVA

By author/editor
Rissanen, ErikSadighi, Babak
By organisation
SICS
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 30 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf