Published in: International Journal of Information Security 5/2018

23-08-2017 | Regular Contribution

Access right management by extended password capabilities

Author: Lanfranco Lopriore


Abstract

With reference to a classic protection system featuring active subjects that reference protected objects, we approach the problem of identifying the objects that each subject can access, and the operations that the subject can carry out on these objects. Password capabilities are a classical solution to this problem. We propose a new form of password capability, called extended password capability (or e-capability, for short). An e-capability can specify any combination of access rights. A subject that holds a given e-capability can generate new e-capabilities for reduced sets of access rights. Furthermore, a subject that created a given object is in a position to revoke the access permissions granted by every e-capability referencing this object, completely or in part. The size of an e-capability is comparable to that of a traditional password capability. The number of passwords that need to be stored in memory permanently is kept to a minimum, and is equal to a single password for each object.


Footnotes
1. If a subject steals a password capability, it can take advantage of this password capability to access the object it references illegitimately. In fact, the validity of a password capability is independent of the subject that holds this password capability and extends system-wide, and a copy of a password capability cannot be distinguished from the original. This is a different aspect of the segregation problem. Password capability stealing can be precluded by a separation of the address spaces enforced by the underlying operating system kernel [2]. Alternatively, we can assign a cryptographic key to each application; the password capabilities held by the subjects of a given application are encrypted by using the key of this application [16]. This mechanism prevents stealing between subjects of different applications, but cannot protect the subjects of the same application, which should be considered mutually trustworthy.

2. Suppose that subject S transfers a copy of the owner e-capability referencing object B to subject \(S'\). As a result, \(S'\) acquires full access rights for B, including the delete access right that makes it possible to delete the object and to modify its revocation table. In fact, there is no way to distinguish the original owner e-capability from its copy. Furthermore, \(S'\) will be able to generate e-capabilities for B in different classes, as it possesses the owner password. If this should not be the case, S will preventively transform the owner e-capability into a different class, thereby changing the password.

Literature
1. Anderson, M., Pose, R.D., Wallace, C.S.: A password-capability system. Comput. J. 29(1), 1–8 (1986)
2. Castro, M.D., Pose, R.D., Kopp, C.: Password-capabilities and the Walnut kernel. Comput. J. 51(5), 595–607 (2008)
3. Chase, J.S., Levy, H.M., Lazowska, E.D., Baker-Harvey, M.: Lightweight shared objects in a 64-bit operating system. ACM SIGPLAN Notices 27(10), 397–413 (1992)
4. de Vivo, M., de Vivo, G.O., Gonzalez, L.: A brief essay on capabilities. ACM SIGPLAN Notices 30(7), 29–36 (1995)
5. England, D.M.: Capability concept mechanism and structure in System 250. In: Proceedings of the International Workshop on Protection in Operating Systems, pp. 63–82. IRIA, Paris, France (1974)
6. Gligor, V.D.: Review and revocation of access privileges distributed through capabilities. IEEE Trans. Softw. Eng. SE–5(6), 575–586 (1979)
7. Grove, D.A., Murray, T.C., Owen, C.A., North, C.J., Jones, J.A., Beaumont, M.R., Hopkin, B.D.: An overview of the Annex system. In: Proceedings of the Twenty-Third Annual Computer Security Applications Conference, pp. 341–352. IEEE, Miami Beach, Florida, USA (2007)
8. Heiser, G., Elphinstone, K., Vochteloo, J., Russell, S., Liedtke, J.: The Mungi single-address-space operating system. Softw. Pract. Exp. 28(9), 901–928 (1998)
9. Houdek, M.E., Soltis, F.G., Hoffman, R.L.: IBM System/38 support for capability-based addressing. In: Proceedings of the 8th Annual Symposium on Computer Architecture, pp. 341–348. IEEE Computer Society Press, Minneapolis, Minnesota, USA (1981)
10. King-Lacroix, J., Martin, A.: BottleCap: a credential manager for capability systems. In: Proceedings of the Seventh ACM Workshop on Scalable Trusted Computing, pp. 45–54. ACM, Raleigh, NC, USA (2012)
11. Klein, G., Elphinstone, K., Heiser, G., Andronick, J., Cock, D., Derrin, P., Elkaduwe, D., Engelhardt, K., Kolanski, R., Norrish, M., et al.: seL4: formal verification of an OS kernel. In: Proceedings of the 22nd ACM Symposium on Operating Systems Principles, pp. 207–220. ACM, Big Sky, MT, USA (2009)
12. Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)
13. Leung, A.W., Miller, E.L.: Scalable security for large, high performance storage systems. In: Proceedings of the Second ACM Workshop on Storage Security and Survivability, pp. 29–40. ACM, Alexandria, Virginia, USA (2006)
14. Levy, H.M.: Capability-Based Computer Systems. Digital Press, Bedford, Mass, USA (1984)
15. Lopriore, L.: Encrypted pointers in protection system design. Comput. J. 55(4), 497–507 (2012)
16. Lopriore, L.: Password capabilities revisited. Comput. J. 58(4), 782–791 (2015)
17. Merkle, R.C.: One way hash functions and DES. In: Proceedings of the 9th Annual International Cryptology Conference—Advances in Cryptology, pp. 428–446. Springer, Santa Barbara, California, USA (1989)
19. Neumann, P.G., Feiertag, R.J.: PSOS revisited. In: Proceedings of the 19th Annual Computer Security Applications Conference, pp. 208–216. IEEE, Las Vegas, NV, USA (2003)
20. Pose, R.: Password-capabilities: their evolution from the Password-Capability System into Walnut and beyond. In: Proceedings of the Sixth Australasian Computer Systems Architecture Conference, pp. 105–113. IEEE, Gold Coast, Australia (2001)
21. Preneel, B., Govaerts, R., Vandewalle, J.: Hash functions based on block ciphers: a synthetic approach. In: Proceedings of the 13th Annual International Cryptology Conference, pp. 368–378. Springer, Santa Barbara, California, USA (1993)
22. Samarati, P., De Capitani Di Vimercati, S.: Access control: policies, models, and mechanisms. In: Focardi, R., Gorrieri, R. (eds.) Foundations of Security Analysis and Design, pp. 137–196. Springer, Berlin, Heidelberg (2001)
23. Sandhu, R.S.: Cryptographic implementation of a tree hierarchy for access control. Inf. Process. Lett. 27(2), 95–98 (1988)
24. Seitz, L., Pierson, J.-M., Brunie, L.: Key management for encrypted data storage in distributed systems. In: Proceedings of the Second IEEE International Security in Storage Workshop, pp. 20–30. IEEE, Washington, DC, USA (2003)
25. Shapiro, J.S., Smith, J.M., Farber, D.J.: EROS: a fast capability system. ACM SIGOPS Oper. Syst. Rev. 34(2), 170–185 (2000)
26. Trappe, W., Song, J., Poovendran, R., Liu, K.J.: Key management and distribution for secure multimedia multicast. IEEE Trans. Multimed. 5(4), 544–557 (2003)
27. Wilkes, M.V., Needham, R.M.: The Cambridge CAP Computer and Its Operating System. North-Holland, New York (1979)

Metadata
Title
Access right management by extended password capabilities
Author
Lanfranco Lopriore
Publication date
23-08-2017
Publisher
Springer Berlin Heidelberg
Published in
International Journal of Information Security / Issue 5/2018
Print ISSN: 1615-5262
Electronic ISSN: 1615-5270
DOI
https://doi.org/10.1007/s10207-017-0390-0
