An analysis of the proxy problem in distributed systems

Author

Varadharajan, Vijay ; Allen, Phillip ; Black, Stewart

Author_Institution

Hewlett Packard Lab., Bristol, UK

fYear

1991

fDate

20-22 May 1991

Firstpage

255

Lastpage

275

Abstract

The authors look at the problem of delegation of rights or proxy in distributed object systems. Two signature-based schemes for achieving delegation which require different inter-object trust assumptions are presented. These schemes have been instantiated using public key and secret key based cryptographic techniques. Additional trust implications which arise from these implementations are also considered. Then the authors consider the issue of revocation of delegations and propose several ways of achieving this. These solutions have been compared with the mechanism found in the Distributed System Security Architecture (M. Gasser et al., 1990). Finally, the authors consider the Kerberos authentication system (J. Steiner et al., 1988) and propose extensions to implement the delegation scheme

Keywords

cryptography; distributed processing; Distributed System Security Architecture; Kerberos authentication system; distributed object systems; proxy problem; public key based cryptography; secret key based cryptographic techniques; signature-based schemes; Access control; Access protocols; Authentication; Cryptographic protocols; Graphics; Laboratories; Permission; Public key; Public key cryptography; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Research in Security and Privacy, 1991. Proceedings., 1991 IEEE Computer Society Symposium on

Conference_Location

Oakland, CA

Print_ISBN

0-8186-2168-0

Type

conf

DOI

10.1109/RISP.1991.130793

Filename

130793