Revocation schemes for delegated authorities
Number of Authors: 2
2002 (English)Conference paper (Refereed)
We have an existing framework for updating privileges and creating management structures by means of authority certificates. These are used both to create access-level permissions and to delegate authority to other agents. Here we extend the framework to support a richer set of revocation schemes. The discussion of revocation follows an existing classification in the literature based on three separate dimensions: resilience, propagation, and dominance. The first does not apply to this framework. The second is specified straightforwardly. The third can be encoded but raises a number of further questions for future investigation.
Place, publisher, year, edition, pages
Computer and Information Science
IdentifiersURN: urn:nbn:se:ri:diva-22534OAI: oai:DiVA.org:ri-22534DiVA: diva2:1042099
Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks