Abstract
The authors look at the problem of delegation of rights or proxy in distributed object systems. Two signature-based schemes for achieving delegation which require different inter-object trust assumptions are presented. These schemes have been instantiated using public key and secret key based cryptographic techniques. Additional trust implications which arise from these implementations are also considered. Then the authors consider the issue of revocation of delegations and propose several ways of achieving this. These solutions have been compared with the mechanism found in the Distributed System Security Architecture proposed by M. Gasser and E. McDermott (1990). Finally, the authors consider the Kerberos authentication system and propose extensions to implement the delegation scheme.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the IEEE Computer Society Symposium on Security and Privacy, 1991 |
| Place of Publication | Pistacaway, NJ |
| Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
| Pages | 255-275 |
| Number of pages | 21 |
| ISBN (Print) | 0818621680 |
| DOIs | |
| Publication status | Published - May 1991 |
| Externally published | Yes |
| Event | Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy - Oakland, CA, USAOA Duration: 20 May 1991 → 22 May 1991 |
Other
| Other | Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy |
|---|---|
| City | Oakland, CA, USAOA |
| Period | 20/05/91 → 22/05/91 |