{"title":"对象安全性的分歧共识","authors":"L. Lopriore","doi":"10.1080/17445760.2023.2225217","DOIUrl":null,"url":null,"abstract":"We present a set of security mechanisms supporting a form of split consensus between subjects that grant permissions to exert rights to access objects, and subjects that hold these rights. Our solution is based on lock-key pairs. A key specifies a collection of access rights, and a category for each access right. For each category, a lock states whether an access right in that category is valid, or not. We illustrate a few examples of applications, including file security, a form of priority-based access control, access control lists, and capability lists supporting hierarchical object structures.","PeriodicalId":45411,"journal":{"name":"International Journal of Parallel Emergent and Distributed Systems","volume":"38 1","pages":"327 - 341"},"PeriodicalIF":0.6000,"publicationDate":"2023-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Split consensus for object security\",\"authors\":\"L. Lopriore\",\"doi\":\"10.1080/17445760.2023.2225217\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We present a set of security mechanisms supporting a form of split consensus between subjects that grant permissions to exert rights to access objects, and subjects that hold these rights. Our solution is based on lock-key pairs. A key specifies a collection of access rights, and a category for each access right. For each category, a lock states whether an access right in that category is valid, or not. We illustrate a few examples of applications, including file security, a form of priority-based access control, access control lists, and capability lists supporting hierarchical object structures.\",\"PeriodicalId\":45411,\"journal\":{\"name\":\"International Journal of Parallel Emergent and Distributed Systems\",\"volume\":\"38 1\",\"pages\":\"327 - 341\"},\"PeriodicalIF\":0.6000,\"publicationDate\":\"2023-06-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Parallel Emergent and Distributed Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1080/17445760.2023.2225217\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, THEORY & METHODS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Parallel Emergent and Distributed Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/17445760.2023.2225217","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
We present a set of security mechanisms supporting a form of split consensus between subjects that grant permissions to exert rights to access objects, and subjects that hold these rights. Our solution is based on lock-key pairs. A key specifies a collection of access rights, and a category for each access right. For each category, a lock states whether an access right in that category is valid, or not. We illustrate a few examples of applications, including file security, a form of priority-based access control, access control lists, and capability lists supporting hierarchical object structures.