Sadighi, Babak and Sergot, Marek (2002) Revocation schemes for delegated authorities. In: Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks, 5-7 June 2002, Monterey, California, USA.
We have an existing framework for updating privileges and creating management structures by means of authority certificates. These are used both to create access-level permissions and to delegate authority to other agents. Here we extend the framework to support a richer set of revocation schemes. The discussion of revocation follows an existing classification in the literature based on three separate dimensions: resilience, propagation, and dominance. The first does not apply to this framework. The second is specified straightforwardly. The third can be encoded but raises a number of further questions for future investigation.
|Item Type:||Conference or Workshop Item (Paper)|
|Deposited By:||INVALID USER|
|Deposited On:||14 Jul 2008|
|Last Modified:||18 Nov 2009 16:16|
Repository Staff Only: item control page