Title :
A Decentralized Authorization Architecture
Author :
Dillema, Feike W. ; Lupetti, Simone ; Stabell-Kulø, Tage
Author_Institution :
Dept. of Comput. Sci., Tromso Univ., Tromso
Abstract :
We present a decentralized authorization architecture based on capabilities in which parties are able to exercise full control over their resources and delegate it in an ad-hoc manner. In our architecture data objects are encrypted and capabilities are used to gain access to them directly. Data storage can then be decoupled from access to the stored data. Capabilities are also protected by encryption, so that they can be distributed to principals not authorized to use them. Replication and distribution can therefore be used to increase the availability not only of the data objects but of the authorization architecture itself to cope with disconnections and, in general, to adapt to changes of network topology typical of loosely coupled systems such as peer-to-peer networks and collaborative systems.
Keywords :
authorisation; cryptography; groupware; peer-to-peer computing; resource allocation; collaborative system; data object; data storage; decentralized authorization architecture; encryption; loosely coupled system; network topology; peer-to-peer network; resource management; Authorization; Collaboration; Computer architecture; Cryptography; Logic; Memory; Network topology; Permission; Pervasive computing; Protection;
Conference_Titel :
Advanced Information Networking and Applications Workshops, 2007, AINAW '07. 21st International Conference on
Conference_Location :
Niagara Falls, Ont.
Print_ISBN :
978-0-7695-2847-2
DOI :
10.1109/AINAW.2007.18
