{"title":"Split consensus for object security","authors":"L. Lopriore","doi":"10.1080/17445760.2023.2225217","DOIUrl":null,"url":null,"abstract":"We present a set of security mechanisms supporting a form of split consensus between subjects that grant permissions to exert rights to access objects, and subjects that hold these rights. Our solution is based on lock-key pairs. A key specifies a collection of access rights, and a category for each access right. For each category, a lock states whether an access right in that category is valid, or not. We illustrate a few examples of applications, including file security, a form of priority-based access control, access control lists, and capability lists supporting hierarchical object structures.","PeriodicalId":45411,"journal":{"name":"International Journal of Parallel Emergent and Distributed Systems","volume":"38 1","pages":"327 - 341"},"PeriodicalIF":0.6000,"publicationDate":"2023-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Parallel Emergent and Distributed Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/17445760.2023.2225217","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0
Abstract
We present a set of security mechanisms supporting a form of split consensus between subjects that grant permissions to exert rights to access objects, and subjects that hold these rights. Our solution is based on lock-key pairs. A key specifies a collection of access rights, and a category for each access right. For each category, a lock states whether an access right in that category is valid, or not. We illustrate a few examples of applications, including file security, a form of priority-based access control, access control lists, and capability lists supporting hierarchical object structures.