Our Snowflake project included four main parts.
First, we explored the challenges and tradeoffs involved in naming resources and considered a variety of existing approaches to naming.
Second, we considered the architectural requirements for user-centric sharing. We evaluated existing systems with respect to these requirements.
Third, to support the sharing architecture, we developed a formal logic of sharing that captures the notion of restricted delegation. Restricted delegation ensures that users can use the same mechanisms to share resources consistently, regardless of where a resource came from or with whom the user next wishes to share it. A formal semantics gives unambiguous meaning to the logic. We applied the formalism to the Simple Public Key Infrastructure (SPKI) and identified how the formalism either supports or discourages potential extensions to such a system.
Finally, we used the formalism to drive a user-centric sharing implementation for distributed systems. We showed how this implementation enables end-to-end authorization, a feature that makes heterogeneous distributed systems more secure and easier to audit. Conventionally, gateway services that bridge administrative domains, add abstraction, or translate protocols impede the flow of authorization information from client to server. In contrast, end-to-end authorization enables us to build gateway services that preserve authorization information; hence we reduce the size of the trusted computing base and enable more effective auditing.
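As an added illustration (not the Snowflake project's code, and not its formal logic or SPKI's actual certificate format), the following simplified model shows the two ideas above: every hop of sharing is the same kind of delegation statement whether the issuer is the owner, a gateway, or a later delegate, rights can only be narrowed at each hop, and the end server verifies the whole chain itself instead of trusting the gateway's say-so. The principal names, the `Delegation` structure, and the sample rights are assumptions constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Delegation:
    """One hop of sharing: issuer grants subject a subset of its rights."""
    issuer: str
    subject: str
    rights: frozenset        # rights passed on; may only narrow, never widen
    may_delegate: bool       # whether subject may share these rights further

def effective_rights(owner, resource_rights, chain, principal):
    """Rights `principal` holds on a resource owned by `owner`, derived by
    walking the delegation chain. Every hop is checked the same way whether
    the issuer is the original owner, a gateway, or a later delegate; an
    invalid hop (wrong issuer, or issuer not allowed to delegate) yields no rights."""
    holder, rights, can_delegate = owner, frozenset(resource_rights), True
    for hop in chain:
        if hop.issuer != holder or not can_delegate:
            return frozenset()
        rights &= hop.rights                  # restricted delegation: intersect
        holder, can_delegate = hop.subject, hop.may_delegate
    return rights if holder == principal else frozenset()

def authorize(owner, resource_rights, chain, principal, right):
    """Server-side check: the whole chain is presented end to end, so the
    server (not the gateway) decides, and the chain itself is the audit record."""
    return right in effective_rights(owner, resource_rights, chain, principal)

# Constructed sample: alice owns a file; a gateway in another domain relays
# bob's requests but forwards alice's delegation instead of acting as itself.
FILE_RIGHTS = {"read", "write", "delete"}
ALICE_TO_GATEWAY = Delegation("alice", "gateway", frozenset({"read", "write"}), True)
GATEWAY_TO_BOB = Delegation("gateway", "bob", frozenset({"read"}), False)
CHAIN_TO_BOB = [ALICE_TO_GATEWAY, GATEWAY_TO_BOB]
# bob was not allowed to delegate, so this onward hop must be rejected.
BOB_TO_CAROL = Delegation("bob", "carol", frozenset({"read"}), False)
CHAIN_TO_CAROL = CHAIN_TO_BOB + [BOB_TO_CAROL]

if __name__ == "__main__":
    print(sorted(effective_rights("alice", FILE_RIGHTS, CHAIN_TO_BOB, "bob")))   # ['read']
    print(authorize("alice", FILE_RIGHTS, CHAIN_TO_BOB, "bob", "write"))          # False
    print(effective_rights("alice", FILE_RIGHTS, CHAIN_TO_CAROL, "carol"))       # frozenset()
```

Because the server sees the full chain, an audit log records that bob acted through the gateway under alice's grant, rather than only that "the gateway" read the file.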