Journal article icon

Journal article

Non−Delegatable Authorities in Capability Systems

Abstract:

We present a novel technique, known as the non-delegatable authority (NDA), for distributing authority to unconfined subjects in capability systems that prevents them from sharing the exact same authority that they have been given with anyone else. This feature is present in common systems based on access control lists (ACLs) in which one may hand out a permission without handing out the associated \"grant\" right, but has been thought to be impossible to express in capability systems until n...

Expand abstract

Actions


Access Document


Files:
Publisher copy:
10.3233/JCS-2008-0314

Authors


Toby Murray More by this author
Duncan Grove More by this author
Journal:
Journal of Computer Security
Volume:
16
Issue:
6
Pages:
743-759
Publication date:
2008
DOI:
URN:
uuid:acfa9fef-bc21-49a6-a4d1-497d1794904c
Local pid:
cs:585

Terms of use


Metrics



If you are the owner of this record, you can report an update to it here: Report update to this record

TO TOP