Title :
Independently Verifiable Decentralized Role-Based Delegation
Author :
Tamassia, Roberto ; Yao, Danfeng ; Winsborough, William H.
Author_Institution :
Dept. of Comput. Sci., Brown Univ., Providence, RI, USA
Abstract :
In open systems such as cloud computing platforms, delegation transfers privileges among users across different administrative domains and facilitates information sharing. We present an independently verifiable delegation mechanism, where a delegation credential can be verified without the participation of domain administrators. Our protocol, called role-based cascaded delegation (RBCD), supports simple and efficient cross-domain delegation of authority. RBCD enables a role member to create delegations based on the dynamic needs of collaboration; in the meantime, a delegation chain can be verified by anyone without the participation of role administrators. We also describe an efficient realization of RBCD by using aggregate signatures, where the authentication information for an arbitrarily long role-based delegation chain is captured by one short signature of constant size.
Keywords :
Internet; authorisation; digital signatures; groupware; open systems; aggregate signatures; authentication information; cloud computing platforms; delegation credential; information sharing; open systems; role-based cascaded delegation; role-based delegation chain; verifiable decentralized role-based delegation; Access control; Authorization; Cloud computing; Collaboration; Computer science; Costs; Hospitals; Information security; Open systems; Resource management; Decentralized delegation; digital credentials;
Journal_Title :
Systems, Man and Cybernetics, Part A: Systems and Humans, IEEE Transactions on
DOI :
10.1109/TSMCA.2010.2045118
