• DocumentCode
    1961557
  • Title

    Secure Abstraction with Code Capabilities

  • Author

    van Renesse, R. ; Johansen, H. ; Naigaonkar, N. ; Johansen, D.

  • Author_Institution
    Cornell Univ., Ithaca, NY, USA
  • fYear
    2013
  • fDate
    Feb. 27 2013-March 1 2013
  • Firstpage
    542
  • Lastpage
    546
  • Abstract
    We propose embedding executable code fragments in cryptographically protected capabilities to enable flexible discretionary access control in cloud-like computing infrastructures. We demonstrate how such a code capability mechanism can be implemented completely in user space. Using a novel combination of X.509 certificates and JavaScript code, code capabilities support restricted delegation, confinement, revocation, and rights amplification for secure abstraction.
  • Keywords
    authorisation; cryptography; JavaScript code; X.509 certificates; cloud-like computing infrastructures; code capability mechanism; cryptographically protected capabilities; embedding executable code fragments; flexible discretionary access control; restricted confinement; restricted delegation; restricted revocation; rights amplification; secure abstraction; user space; Access control; Libraries; Operating systems; Public key; Servers; Standards; authorization; capabilities; sports analytics;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Parallel, Distributed and Network-Based Processing (PDP), 2013 21st Euromicro International Conference on
  • Conference_Location
    Belfast
  • ISSN
    1066-6192
  • Print_ISBN
    978-1-4673-5321-2
  • Electronic_ISBN
    1066-6192
  • Type

    conf

  • DOI
    10.1109/PDP.2013.87
  • Filename
    6498603
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1961557