Credential revocation in the RT Framework

Credential revocation in the RT Framework
File Size:
3.13 MB
Wojciech Pikulski, Krzysztof Sacha
w[dot]pikulski[at]elka[dot]pw[dot]edu[dot]pl, k[dot]sacha[at]ia[dot]pw[dot]edu[dot]pl
04 February 2014
11 x

Abstract: The paper is focused on nonmonotonicity in trust management models which provide access control mechanisms for distributed systems. The work explains what decentralised systems are, defines a notion of security model nonmonotonicity, presents its types and points out factors that causes trust management model to become nonmonotonic. A result of this analysis is a model for credential revocation in the RT Framework trust management model. When security model allows for credential revocation, it becomes nonmonotonic. Presented model allows to turn it to be temporally monotonic. It allows policy authors to define constraints for roles, and applies those values to credentials. When credential does not comply to defined requirements, it is disregarded. A model is evaluated against sample scenario, which demonstrates how it can be applied to real-life use cases.

Keywords: Software security, trust management, credential revocation, RT Framework, nonmonotonicity, credential chain, credential graph, freshness constraints, freshness graph

Area: Electronics and Information Technologies


License Agreement

I agree to the terms listed above
Powered by Phoca Download