分布式系统中的代理问题分析

Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy Pub Date : 1991-05-20 DOI:10.1109/RISP.1991.130793

V. Varadharajan, Phillip Allen, S. Black

{"title":"分布式系统中的代理问题分析","authors":"V. Varadharajan, Phillip Allen, S. Black","doi":"10.1109/RISP.1991.130793","DOIUrl":null,"url":null,"abstract":"The authors look at the problem of delegation of rights or proxy in distributed object systems. Two signature-based schemes for achieving delegation which require different inter-object trust assumptions are presented. These schemes have been instantiated using public key and secret key based cryptographic techniques. Additional trust implications which arise from these implementations are also considered. Then the authors consider the issue of revocation of delegations and propose several ways of achieving this. These solutions have been compared with the mechanism found in the Distributed System Security Architecture (M. Gasser et al., 1990). Finally, the authors consider the Kerberos authentication system (J. Steiner et al., 1988) and propose extensions to implement the delegation scheme.<<ETX>>","PeriodicalId":445112,"journal":{"name":"Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy","volume":"706 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1991-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"144","resultStr":"{\"title\":\"An analysis of the proxy problem in distributed systems\",\"authors\":\"V. Varadharajan, Phillip Allen, S. Black\",\"doi\":\"10.1109/RISP.1991.130793\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The authors look at the problem of delegation of rights or proxy in distributed object systems. Two signature-based schemes for achieving delegation which require different inter-object trust assumptions are presented. These schemes have been instantiated using public key and secret key based cryptographic techniques. Additional trust implications which arise from these implementations are also considered. Then the authors consider the issue of revocation of delegations and propose several ways of achieving this. These solutions have been compared with the mechanism found in the Distributed System Security Architecture (M. Gasser et al., 1990). Finally, the authors consider the Kerberos authentication system (J. Steiner et al., 1988) and propose extensions to implement the delegation scheme.<<ETX>>\",\"PeriodicalId\":445112,\"journal\":{\"name\":\"Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy\",\"volume\":\"706 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1991-05-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"144\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/RISP.1991.130793\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RISP.1991.130793","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 144

摘要

作者着眼于分布式对象系统中的授权或代理问题。提出了两种基于签名的授权方案，它们需要不同的对象间信任假设。这些方案已经使用基于公钥和密钥的加密技术实例化。还考虑了这些实现产生的其他信任含义。然后，作者审议了撤销代表团的问题，并提出了实现这一目标的几种方法。这些解决方案已经与分布式系统安全架构(M. Gasser et al.， 1990)中的机制进行了比较。最后，作者考虑了Kerberos认证系统(J. Steiner et al.， 1988)，并提出了实现授权方案的扩展

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An analysis of the proxy problem in distributed systems

The authors look at the problem of delegation of rights or proxy in distributed object systems. Two signature-based schemes for achieving delegation which require different inter-object trust assumptions are presented. These schemes have been instantiated using public key and secret key based cryptographic techniques. Additional trust implications which arise from these implementations are also considered. Then the authors consider the issue of revocation of delegations and propose several ways of achieving this. These solutions have been compared with the mechanism found in the Distributed System Security Architecture (M. Gasser et al., 1990). Finally, the authors consider the Kerberos authentication system (J. Steiner et al., 1988) and propose extensions to implement the delegation scheme.<>

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy

自引率

0.00%

发文量