Martín Abadi
Butler Lampson
Abstract
We study some of the concepts, protocols, and algorithms for access control in distributed systems, from a logical perspective. We account for how a principal may come to believe that another principal is making a request, either on his own or on someone else's behalf. We also provide a logical language for accesss control lists and theories for deciding whether requests should be granted.
- 1 ABADI, M., AND PLOTKIN, G. A logicat view of composition. Theor. Comput. $cu 116, 1 (June 1993), 3 30. Google Scholar
- 2 ABADI, M ,BURROWS, M., KAUFMAN, C., AND LAMPSON, B. Authentication and delegation with smart-cards. In Theoret~cal Aspects of Computer Software, Springer-Verlag Lecture Notes in Computer Science 526, Sept. 1991, 326-345. Google Scholar
- 3 ANDR~KA, H. Representations of distributive lattice-ordered semigroups with binary relations. Manuscript, Aug. 1989.Google Scholar
- 4 BURROWS, M., ABADI, M., AND NEEDHAM, R.M. A logic of authentication. Proceedmgs of the Royal Society of London A 326 (1989), 233-271.Google Scholar
- 5 CCITT. CCITT Blue Book, Recommendation X.509 and ISO 9594-8: The directoryauthentication framework. Geneva, March 1988.Google Scholar
- 6 CHANDRA, A., KOZEN, D., AND STOCKMEYER~ L. Alternation. J. A~M 28, 1 (Jan. 1981), 114 133. Google Scholar
- 7 DAM, M. Relevance logic and concurrent computation. In Proceedings of the Thwd IEEE Symposium on Log~e ~n Computer Science (July 1988), 178-185.Google Scholar
- 8 NATIONAL BUREAU OF STANDARDS. Data Encryption Standard. Fed. Inform. Processing Standards Pub. 46. Washington D.C , Jan. 1977.Google Scholar
- 9 D~Frm, W., AND HELLMAN, M. New directions m cryptography. IEEE Trans. Inf. Theor. IT-22, 6 (Nov. 1976), 644 654.Google Scholar
- 10 FABRY, R Capability-based addressing. Commun. ACM 17, 7 (July 1974), 403 412. Google Scholar
- 11 GASSER, M., GOLDSTEIN, A., KAUFMAN, C., AND LAMPSON, B. The Digital Distrihuted System Security Architecture. In Proceedzngs of thc 1989 Natwnal Computer Secumty Conference (Oct. 1989), 305-319.Google Scholar
- 12 (~'ASSER, M., AND i\~CDERMOTT, E. An architecture for practical delegation in a distributed system. In Proceedmgs of the 1990 IEEE Symposium on Secumty and Prwacy (May 1990), 20 30Google Scholar
- 13 GIRARD, J.-Y. Linear logic. Theor. Comput. $cu 50 (1987), 1-102. Google Scholar
- 14 HUGttES, G E , AND CRESSWELL, NI J An Introduction to Modal Logtc. Methuen, New York, 1968.Google Scholar
- 15 KOHL, J., NEUMAN, C., AND STEINER, J. The Kerberos network authentieation service (version 5, draft 3). Available by anonymous FTP from athena-dist.mit.edu, as /pub/doc/kerberos/V5DRAFT3-RFC.{PS,TXT}, Oct. 1990.Google Scholar
- 16 KOZEN, D A completeness theorem for Kleene algebras and the algebra of regular events. Cornell TR90-1123, May 1990.Google Scholar
- 17 LAMPSON, B., ABADI, M., BURROWS, M.~ AND WOBBER, E. Authentication in distributed systems: theory and practice. ACM Trans. Comput. Syst. 10, 4 (November 1992), 265-310. Google Scholar
- 18 LEVY, H. Capab,lity-based Computer Systems. Digital Press, 1983. Google Scholar
- 19 MILLEa, S P., NEUMAN, C., SCHILLER, J.I.~ AND SALTZER, J.H. Kerberos authentication and authorization system. In Projcct Athena Techmcal Plan, Section E.2.1, MIT, July 1987.Google Scholar
- 20 NEEDHAM, R.}~{ ~ AND SCHROEDEP~, M.D. Usmg encryption for authentication in large networks of computers. Commun. ACM 21~ 12 (Dee. 1978), 993-999. Google Scholar
- 21 PRATT, V. Dynamie algebras as a well-behaved fragment of relation algebras. In Algebra~c Logic and Umversal Algebra in Computer Science, Springer-Verlag Lecture Notes in Computer Science 425, 1990, 77-110. Google Scholar
- 22 RIVEST, R.L , SHAMIR, A., AND ADLEMAN, L. A method for obtainmg digital signatures and public-key cryptosystems. Comraun. ACM 21, 2 (Feb. 1978), 120-126 Google Scholar
- 23 SALTZER, J., AND SCHROEDER, ~/i. The protection of information in computer systems. Proc. IEEE ~3, 9 (Sept. 1975), 1278 1308.Google Scholar
- 24 SOLLTNS, K Cascaded authentlcat~on. In Pvoceedmgs of the 1988 IEEE Symposium o~ Securzty and Pr~vacy (April 1988), 156-163.Google Scholar
- 25 VICKERS, S. Samson Abramsky on linear process logics. Foundatlon Workshop Notes, Oct - Nov. 1988.Google Scholar
- 26 YETTER, D N.Quantales and (noncommutatlve) linear logic. J. Symb Log~e 55, 1 (March 1990), 41 64.Google Scholar
Index Terms
- A calculus for access control in distributed systems
Recommendations
Configuring role-based access control to enforce mandatory and discretionary access control policies
Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...
Cryptography based access control in healthcare web systems
InfoSecCD '10: 2010 Information Security Curriculum Development ConferenceAccess control is the capacity of a particular subject (user, process) to permit or deny the use of a specific object (data, file). Access control mechanisms can be used in managing physical resources and logical resources. Cryptography access control ...
Relationship-based access control: protection model and policy language
CODASPY '11: Proceedings of the first ACM conference on Data and application security and privacySocial Network Systems pioneer a paradigm of access control that is distinct from traditional approaches to access control. Gates coined the term Relationship-Based Access Control (ReBAC) to refer to this paradigm. ReBAC is characterized by the explicit ...
Reviews
Ernst L. Leiss
One of the major problems in the security of computer systems is access control. Its importance is increased in distributed systems. Thus, access control mechanisms in distributed systems are vital, but they are difficult to implement and even more difficult to verify. Building on work on access control in centralized systems, this paper defines a logical calculus that can be used to derive relations between users or resources in distributed computing systems. A logical language for access control lists is developed. An important aspect of this language is theories for deciding whether requests for access to resources are to be granted under a given control framework. Of particular interest is the formal treatment of delegation. This rather long paper succeeds in giving a good deal of motivation and interesting discussion in a form that is accessible to non logicians. Nevertheless, to appreciate the more technical aspects of the paper requires a working knowledge of logic and formal semantics.
Access critical reviews of Computing literature here
Become a reviewer for Computing Reviews.
Comments