Abstract
Trust Management [1,4,10] is an approach to constructing and interpreting the trust relationships among public-keys that are used to mediate security-critical actions. Cryptographic credentials are used to specify delegation of authorisation among public keys. Existing trust management schemes are operational in nature, defining security in terms of specific controls such as delegation chains, threshold schemes, and so forth.
However, Trust Management approaches tend not to consider whether a particular authorisation policy is well designed in the sense that a principle cannot somehow bypass the intent of a complex series of authorisation delegations via some unexpected circuitous route. In an open system no individual has a complete picture of all the resources and services that are available. Unlike the administrator who ‘sees everything’ in a traditional closed system, the principals of an open system are often ordinary users and are open to confusion and subterfuge when interacting with resources and services. These users may inadvertently delegate un-intended authorisation to recipients.
In this paper we introduce the problem of authorisation subterfuge, whereby, in a poorly designed system, delegation chains that are used by principals to prove authorisation may not actually reflect the original intention of all of the participants in the chain.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Blaze, M., et al.: The keynote trust-management system version 2. Internet Request For Comments 2704 (September 1999)
Blaze, M., Ioannidis, J., Ionnidis, S., Keromytis, A., Nikander, P., Prevelakis, V.: Tapi: Transactions for accessing public infrastructure (submitted for publication, 2002)
Blaze, M., Ioannidis, J., Keromytis, A.D.: Offline micropayments without trusted hardware. In: Financial Cryptography, Grand Cayman (February 2001)
Ellison, C., et al.: SPKI certificate theory. Internet Request for Comments: 2693 (September 1999)
Ellison, C.M.: The nature of a usable PKI. Computer Networks 31, 823–830 (1999)
Foley, S.N.: Evaluating system integrity. In: Proceedings of the ACM New Security Paradigms Workshop, ACM Press, New York (1998)
Foley, S.N.: A non-functional approach to system integrity. Journal on Selected Areas in Communications 21(1) (January 2003)
Foley, S.N.: Using trust management to support transferable hash-based micropayments. In: Proceedings of the 7th International Financial Cryptography Conference, Gosier, Guadeloupe, FWI (January 2003)
Foley, S.N.: Believing in the integrity of a system. In: IJCAR Workshop on Automated Reasoning for Security Protocol Analysis, ENCS. Springer, Heidelberg (2004)
Rivest, R., Lampson, B.: SDSI - a simple distributed security infrastructure. In: DIMACS Workshop on Trust Management in Networks (1996)
Zeller, T.: New York Times (January 18, 2005)
Zhou, H., Foley, S.N.: A logic for analysing authorisation subterfuge in delegation chains. In: Submitted for publication (2005)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Foley, S., Zhou, H. (2007). Authorisation Subterfuge by Delegation in Decentralised Networks. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2005. Lecture Notes in Computer Science, vol 4631. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77156-2_12
Download citation
DOI: https://doi.org/10.1007/978-3-540-77156-2_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77155-5
Online ISBN: 978-3-540-77156-2
eBook Packages: Computer ScienceComputer Science (R0)