ScienceDirect® Home Skip Main Navigation Links
You have guest access to ScienceDirect. Find out more.
 
Home
Browse
My Settings
Alerts
Help
 Quick Search
 Search tips (Opens new window)
    Clear all fields    
advertisementadvertisement
Information Sciences
Volume 177, Issue 19, 1 October 2007, Pages 4014-4030
 
Font Size: Decrease Font Size  Increase Font Size
 Abstract - selected
Article
Purchase PDF (255 K)

  E-mail Article   
  Add to my Quick Links   
Bookmark and share in 2collab (opens in new window)
Request permission to reuse this article
  Cited By in Scopus (0)
 
 
 
Related Articles in ScienceDirect
View More Related Articles
 
View Record in Scopus
 
doi:10.1016/j.ins.2007.04.004    How to Cite or Link Using DOI (Opens New Window)
Copyright © 2007 Elsevier Inc. All rights reserved.

Delegation with supervision

Richard W.C. Luia, Corresponding Author Contact Information, E-mail The Corresponding Author, Lucas C.K. Huib and S.M. Yiub

aDepartment of Computer Science, City University of Hong Kong, 83 Tat Chee Avenue, Hong Kong bDepartment of Computer Science, The University of Hong Kong, Pokfulam Road, Hong Kong

Received 11 November 2005; 
revised 25 September 2006; 
accepted 2 April 2007. 
Available online 21 April 2007.

Purchase the full-text article



References and further reading may be available for this article. To view references and further reading you must purchase this article.

Abstract

Delegation certificates (e.g. SPKI) support the decentralized management of access rights in organizations without the need for a centralized server to mediate every delegation operation. However, it does not allow the access rights to be delegated in a flexible way. For instance, a user cannot be granted the authorization to perform delegation of permission without granting himself/herself the authorization to exercise the associated permission at the same time. In this paper, we propose an improved delegation model, where the various users in a delegation chain may perform supervision on the delegate to exercise the delegated permission. We describe the way to support the model using SPKI as an example. Also, we describe how to support efficient authorization in delegation with supervision using proxy signature techniques.

Keywords: Delegation certificate; Access control; Security management; Proxy signature

Article Outline

1. Introduction
2. Related research
2.1. Simple public-key infrastructure (SPKI)
2.2. Proxy signature
3. Limitations of the delegation certificate approach
4. A model for supporting flexible delegation of access rights
5. Supporting fine-grained delegation of access rights using SPKI
5.1. The scheme
5.2. Discussion
6. A more efficient scheme for delegation with supervision
6.1. Proxy signature scheme by Kim et al.
6.2. Proxy signature scheme for chained delegation
6.3. Supporting supervision in delegation
6.4. The proposed delegation protocol
6.5. Security analysis
6.6. Efficiency
7. An architecture to support delegation with supervision
7.1. An overview
7.2. Delegation and authorization process
8. Summary and future research directions
Acknowledgements
References





Information Sciences
Volume 177, Issue 19, 1 October 2007, Pages 4014-4030
 
Home
Browse
My Settings
Alerts
Help
Elsevier.com (Opens new window)
About ScienceDirect  |  Contact Us  |  Information for Advertisers  |  Terms & Conditions  |  Privacy Policy
Copyright © 2008 Elsevier B.V. All rights reserved. ScienceDirect® is a registered trademark of Elsevier B.V.