• DocumentCode
    1633375
  • Title

    Constrained delegation

  • Author

    Bandmann, Olav ; Dam, Mads ; Firozabadi, Babak Sadighi

  • Author_Institution
    Swedish Inst. of Comput. Sci., Kista, Sweden
  • fYear
    2002
  • fDate
    6/24/1905 12:00:00 AM
  • Firstpage
    131
  • Lastpage
    140
  • Abstract
    Sometimes it is useful to be able to separate management of a set of resources, and access to the resources themselves. However, current accounts of delegation do not allow such distinctions to be easily made. We introduce a new model for delegation to address this issue. The approach is based on the idea of controlling the possible shapes of delegation chains. We use constraints to restrict the capabilities at each step of delegation. Constraints may reflect e.g. group memberships, timing constraints, or dependencies on external data. Regular expressions are used to describe chained constraints. We present a number of example delegation structures, based on a scenario of collaborating organisations.
  • Keywords
    authorisation; chained constraints; collaborating organisations; constrained delegation; constraints; delegation chain shape control; external data dependencies; group memberships; regular expressions; timing constraints; Authorization; Collaboration; Computer science; Councils; Permission; Resource management; Shape control; Silicon carbide; Technology management; Timing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy, 2002. Proceedings. 2002 IEEE Symposium on
  • ISSN
    1081-6011
  • Print_ISBN
    0-7695-1543-6
  • Type

    conf

  • DOI
    10.1109/SECPRI.2002.1004367
  • Filename
    1004367
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1633375