Skip to main content

XDomain: Cross-border proofs of access

Publication ,  Conference
Bauer, L; Jia, L; Reiter, MK; Swasey, D
Published in: Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
November 30, 2009

A number of research systems have demonstrated the benefits of accompanying each request with a machine-checkable proof that the request complies with access-control policy - a technique called proof-carrying authorization. Numerous authorization logics have been proposed as vehicles by which these proofs can be expressed and checked. A challenge in building such systems is how to allow delegation between institutions that use different authorization logics. Instead of trying to develop the authorization logic that all institutions should use, we propose a framework for interfacing different, mutually incompatible authorization logics. Our framework provides a very small set of primitives that defines an interface for communication between different logics without imposing any fundamental constraints on their design or nature. We illustrate by example that a variety of different logics can communicate over this interface, and show formally that supporting the interface does not impinge on the integrity of each individual logic. We also describe an architecture for constructing authorization proofs that contain components from different logics and report on the performance of a prototype proof checker. Copyright 2009 ACM.

Duke Scholars

Published In

Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

DOI

ISBN

9781605585376

Publication Date

November 30, 2009

Start / End Page

43 / 52
 

Citation

APA
Chicago
ICMJE
MLA
NLM
Bauer, L., Jia, L., Reiter, M. K., & Swasey, D. (2009). XDomain: Cross-border proofs of access. In Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT (pp. 43–52). https://doi.org/10.1145/1542207.1542216
Bauer, L., L. Jia, M. K. Reiter, and D. Swasey. “XDomain: Cross-border proofs of access.” In Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT, 43–52, 2009. https://doi.org/10.1145/1542207.1542216.
Bauer L, Jia L, Reiter MK, Swasey D. XDomain: Cross-border proofs of access. In: Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT. 2009. p. 43–52.
Bauer, L., et al. “XDomain: Cross-border proofs of access.” Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT, 2009, pp. 43–52. Scopus, doi:10.1145/1542207.1542216.
Bauer L, Jia L, Reiter MK, Swasey D. XDomain: Cross-border proofs of access. Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT. 2009. p. 43–52.

Published In

Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

DOI

ISBN

9781605585376

Publication Date

November 30, 2009

Start / End Page

43 / 52