2005 (English)In: Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349, Vol. 3364, 134-152 p.Article in journal (Refereed) Published
SPKI is a certificate-based framework for authorisation in distributed systems. The SPKI framework is extended by an iteration construct, essentially Kleene star, to express constraints on delegation chains. Other possible applications, not explored in the paper, include multidomain network routing path constraints. The main decision problems for the extended language are shown to correspond to regular language membership and containment respectively. To support an efficient decision algorithm in both cases we give a sound and complete inference system for a fragment of the language which is decidable in polynomial time. We finally show how to use the extended syntax to represent constrained delegation in SPKI.
Place, publisher, year, edition, pages
2005. Vol. 3364, 134-152 p.
Algorithms, Distributed computer systems, Motion planning, Polynomials, Security of data
IdentifiersURN: urn:nbn:se:kth:diva-43212DOI: 10.1007/11542322_18ISI: 000232948300010ScopusID: 2-s2.0-33645695142OAI: oai:DiVA.org:kth-43212DiVA: diva2:447811
QC 20111013. 11th International Workshop on Security Protocols. Cambridge, ENGLAND. APR 02-04, 20032011-10-132011-10-132011-10-13Bibliographically approved