Skip to main content

Efficient proving for practical distributed access-control systems

Publication ,  Conference
Bauer, L; Garriss, S; Reiter, MK
Published in: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
January 1, 2007

We present a new technique for generating a formal proof that an access request satisfies access-control policy, for use in logic-based access-control frameworks. Our approach is tailored to settings where credentials needed to complete a proof might need to be obtained from, or reactively created by, distant components in a distributed system. In such contexts, our approach substantially improves upon previous proposals in both computation and communication costs, and better guides users to create the most appropriate credentials in those cases where needed credentials do not yet exist. At the same time, our strategy offers strictly superior proving ability, in the sense that it finds a proof in every case that previous approaches would (and more). We detail our method and evaluate an implementation of it using both policies in active use in an access-control testbed at our institution and larger policies indicative of a widespread deployment. © Springer-Verlag Berlin Heidelberg 2007.

Duke Scholars

Published In

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

DOI

EISSN

1611-3349

ISSN

0302-9743

Publication Date

January 1, 2007

Volume

4734 LNCS

Start / End Page

19 / 37

Related Subject Headings

  • Artificial Intelligence & Image Processing
  • 46 Information and computing sciences
 

Citation

APA
Chicago
ICMJE
MLA
NLM
Bauer, L., Garriss, S., & Reiter, M. K. (2007). Efficient proving for practical distributed access-control systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4734 LNCS, pp. 19–37). https://doi.org/10.1007/978-3-540-74835-9_3
Bauer, L., S. Garriss, and M. K. Reiter. “Efficient proving for practical distributed access-control systems.” In Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 4734 LNCS:19–37, 2007. https://doi.org/10.1007/978-3-540-74835-9_3.
Bauer L, Garriss S, Reiter MK. Efficient proving for practical distributed access-control systems. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). 2007. p. 19–37.
Bauer, L., et al. “Efficient proving for practical distributed access-control systems.” Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4734 LNCS, 2007, pp. 19–37. Scopus, doi:10.1007/978-3-540-74835-9_3.
Bauer L, Garriss S, Reiter MK. Efficient proving for practical distributed access-control systems. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). 2007. p. 19–37.

Published In

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

DOI

EISSN

1611-3349

ISSN

0302-9743

Publication Date

January 1, 2007

Volume

4734 LNCS

Start / End Page

19 / 37

Related Subject Headings

  • Artificial Intelligence & Image Processing
  • 46 Information and computing sciences