Supporting Imprecise Delegation in KeyNote

  • Simon N. Foley
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2845)


With decentralized authorization comes the challenge of ensuring that when a credential is written, then it precisely captures the delegation that is intended. A request for a particular service may be unexpectedly rejected, despite the requester having credentials for what should be considered a comparable service. This paper considers how techniques that support imprecision in Case-Based Reasoning Systems might be used when delegating and checking authorizations in the KeyNote trust management system.


Security Protocol Trust Management Compliance Check Business Customer Policy Credential 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Apache-ssl release version 1.3.6/1.36. Open source software distribution. Available from URL,
  2. 2.
    Aura, T., Ellison, C.: Privacy and accountability in certificate systems. Technical Report HUT-TCS-A61, Helsinki University of Technology, Laboratory for Theoretical Computer Science (2000)Google Scholar
  3. 3.
    Blaze, M., et al.: The keynote trust-management system version 2, Internet Request For Comments 2704 (September 1999)Google Scholar
  4. 4.
    Blaze, M., et al.: The role of trust management in distributed systems security. In: Secure Internet Programming: Issues in Distributed and Mobile Object Systems. LNCS. Springer, Heidelberg (1999)Google Scholar
  5. 5.
    Blaze, M., Ioannidis, J., Keromytis, A.D.: Trust management and network layer security protocols. In: Security Protocols International Workshop. LNCS. Springer, Heidelberg (1999)Google Scholar
  6. 6.
    Ellison, C., et al.: SPKI certificate theory, Internet Request for Comments: 2693 (September 1999)Google Scholar
  7. 7.
    Foley, S.N., Quillinan, T.B., Morrison, J.P.: Secure component distribution using WebCom. In: Proceeding of the 17th International Conference on Information Security (IFIP/SEC 2002), Cairo, Egypt (May 2002)Google Scholar
  8. 8.
    Foley, S.N.: Trust management and whether to delegate. In: International Workshop on Security protocols, Cambridge, UK. Springer, Heidelberg (2001)Google Scholar
  9. 9.
    Osborne, H., Bridge, D.: Models of similarity for case-based reasoning. In: Cambouropolos, E., Ramscar, M., Hahn, U., Pain, H. (eds.) Procs. of the Interdisciplinary Workshop on Similarity and Categorisation, pp. 173–179 (1997)Google Scholar
  10. 10.
    Watson, I., Marir, F.: Case based reasoning review. The Knowledge Engineering Review 9(4) (1994)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Simon N. Foley
    • 1
  1. 1.Department of Computer ScienceUniversity CollegeCorkIreland

Personalised recommendations