Using authority certificates to create management structures

Sadighi, Babak and Sergot, Marek and Bandmann, Olav (2001) Using authority certificates to create management structures. In: Revised Papers from the 9th International Workshop on Security Protocols, 25-27 April 2001, Cambridge, UK.

Full text not available from this repository.


We address the issue of updating privileges in a dynamic environment by introducing authority certificates in a Privilege Management Infrastructure. These certificates can be used to create access-level permissions but also to delegate authority to other agents, thereby providing a mechanism for creating management structures and for changing these structures over time. We present a semantic framework for privileges and certificates and an associated calculus, encoded as a logic program, for reasoning about them. The framework distinguishes between the time a certificate is issued or revoked and the time for which the associated privilege is created. This enables certificates to have prospective and retrospective effects, and allows us to reason about privileges and their consequences in the past, present, and future. The calculus provides a verification procedure for determining, given a set of declaration and revocation certificates, whether a certain privilege holds.

Item Type:Conference or Workshop Item (Paper)
Additional Information:Lecture Notes In Computer Science; Vol. 2467. ISBN:3-540-44263-4.
ID Code:3093
Deposited On:16 Jul 2008
Last Modified:18 Nov 2009 16:17

Repository Staff Only: item control page