An Access-Control Calculus for Spanning Administrative Domains


Jon Howell and David Kotz. An Access-Control Calculus for Spanning Administrative Domains. Technical Report number PCS-TR99-361, Dartmouth Computer Science, November 1999. ©Copyright the authors. Later revised as howell:spki-tr.


In our quest to give users uniform access to resources unimpeded by administrative boundaries, we discovered that we needed transitive sharing among users, with the possibility of restricted access along each sharing link. To achieve that goal, we extend Lampson et al.’s calculus for access control to support restricted delegations. We discuss the advantages of our extension, including the simplification of constructs like ACLs and statement expiration. We also apply our extension to model the Simple Public Key Infrastructure and make suggestions about its future development. Our extended calculus exposes some surprising consequences in such systems that use restricted delegation.

Citable with [BibTeX]

Projects: [snowflake]

Keywords: [security]

Available from the publisher: [page]

Available from the author: [bib] [pdf] [ps.gz]
This pdf was produced by the publisher and its posting here is permitted by the publisher.

[Kotz research]