• DocumentCode
    3144876
  • Title

    Authorization in distributed systems: a formal approach

  • Author

    Woo, Thomas Y C ; Lam, Simon S.

  • Author_Institution
    Dept. of Comput. Sci., Texas Univ., Austin, TX, USA
  • fYear
    1992
  • fDate
    4-6 May 1992
  • Firstpage
    33
  • Lastpage
    50
  • Abstract
    It is argued that authorization is an independent semantic concept that must be separated from implementation mechanisms and given a precise semantics. A logical approach to representing and evaluating authorization is proposed. Specifically, a language for specifying policy bases is introduced. A policy base encodes a set of authorization requirements and is given a precise semantics based on a formal notion of authorization policy. The semantics is computable, thus providing a basis for authorization evaluation. Two composition operators for policy bases which are appropriate for modeling distributed systems with multiple administrative domains are introduced
  • Keywords
    authorisation; distributed processing; message authentication; specification languages; authentication; authorization; distributed systems; policy base; specification language; Access control; Authorization; Control systems; Distributed computing; File systems; Large-scale systems; Permission; Production facilities; Protection; Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Research in Security and Privacy, 1992. Proceedings., 1992 IEEE Computer Society Symposium on
  • Conference_Location
    Oakland, CA
  • Print_ISBN
    0-8186-2825-1
  • Type

    conf

  • DOI
    10.1109/RISP.1992.213272
  • Filename
    213272
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3144876