Snowflake project (1998-2000)

This project is no longer active; this page is no longer updated.

Related keywords: [security]


In the Snowflake project, we tackled the problem of naming and sharing resources across administrative boundaries. We developed a theory and implementation for restricted delegation, building on the classic "speaks-for" relation that forms the foundation of many authorization logics. In Snowflake, principals can delegate authority to other principles, but in a limited way; in earlier work, it was only possible for a principal to delegate all of its authority. The work is theoretically well-founded and yet practical to implement.

This work is most completely described in Howell's dissertation [howell:thesis]; the single most central paper is [howell:end-to-end].


Jon Howell and David Kotz.

Funding and acknowledgements

USENIX Association.

The views and conclusions contained on this site and in its documents are those of the authors and should not be interpreted as necessarily representing the official position or policies, either expressed or implied, of the sponsor(s). Any mention of specific companies or products does not imply any endorsement by the authors or by the sponsor(s).

Papers (tagged 'snowflake')

[Also available in BibTeX]

Papers are listed in reverse-chronological order. Follow updates with RSS.


[Kotz research]