Skip to main content

Avoiding Delegation Subterfuge Using Linked Local Permission Names

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC,volume 7140)

Abstract

Trust Management systems are typically explicit in their assumption that principals are uniquely identifiable. However, the literature has not been as prescriptive concerning the uniqueness of the permissions delegated by principals. Delegation subterfuge may arise when there is ambiguity concerning the uniqueness and interpretation of a permission. As a consequence, delegation chains that are used by principals to prove authorization may not actually reflect the original intention of all of the participants in the chain. This paper describes an extension to SPKI/SDSI that uses the notion of linked local permissions to eliminate ambiguity concerning the interpretation of a permission and thereby avoid subterfuge attacks.

Keywords

  • Delegation Statement
  • Trust Management
  • Compliance Check
  • Trust Management System
  • Local Permission

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   54.99
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   69.99
Price excludes VAT (Canada)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Guidelines for the issuance and management of extended validation certificates. Tech. rep., CA/Browser Forum (2009), http://cabforum.org/Guidelines_v1_2.pdf

  2. Abadi, M.: On sdsi’s linked local name spaces. In: Proceedings of the 10th Computer Security Foundations Workshop (CSFW 1997), p. 98. IEEE Computer Society, Washington, DC, USA (1997)

    CrossRef  Google Scholar 

  3. Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The keynote trust-management system, version 2 (September 1999)

    Google Scholar 

  4. Blaze, M., Feigenbaum, J., Strauss, M.: Compliance Checking in the Policymaker Trust Management System. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 254–274. Springer, Heidelberg (1998)

    CrossRef  Google Scholar 

  5. CCITT Draft Recomendation: The Directory Authentication Framework, Version 7 (November 1987)

    Google Scholar 

  6. Clarke, D., Elien, J., Ellison, C., Fredette, M., Morcos, A., Rivest, R.L.: Certificate chain discovery in spki/sdsi. Journal of Computer Security 9(4), 285–322 (2001)

    Google Scholar 

  7. Ellison, C.: The nature of a usable PKI. Computer Networks 31, 823–830 (1999)

    CrossRef  Google Scholar 

  8. Feeney, K., Lewis, D., O’Sullivan, D.: Service oriented policy management for web-application frameworks. IEEE Internet Computing Magazine 6(13), 39–47 (2009)

    CrossRef  Google Scholar 

  9. Feeney, K., Brennan, R., Foley, S.N.: A trust model for capability delegation in federated policy systems. In: International Conference on Network and Service Management, pp. 226–229. IEEE (2010)

    Google Scholar 

  10. Foley, S.N., Zhou, H.: Authorisation subterfuge by delegation in decentralised networks. In: International Security Protocols Workshop, Cambridge, UK (April 2005)

    Google Scholar 

  11. Foley, S.: Noninterference analysis of delegation subterfuge. In: IEEE Computer Security Foundations Workshop, short-presentations (2006)

    Google Scholar 

  12. Li, J., Li, N., Winsborough, W., Mitchell, J.C.: Distributed Credential Chain Discovery in Trust Management. Journal of Computer Security 11(1) (2003)

    Google Scholar 

  13. Rivest, R.: S-expressions. In: Internet Draft draft-rivest-sexp-00.txt, IEFT Network Working Group (1997)

    Google Scholar 

  14. Zeller, T.: Purloined domain name is an unsolved mystery. New York Times (January 18, 2005)

    Google Scholar 

  15. Zhou, H., Foley, S.N.: A Logic for Analysing Subterfuge in Delegation Chains. In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2005. LNCS, vol. 3866, pp. 127–141. Springer, Heidelberg (2006)

    CrossRef  Google Scholar 

  16. Zhou, H., Foley, S.N.: A framework for establishing decentralized secure coalitions. In: Proceedings of IEEE Computer Security Foundations Workshop. IEEE CS Press (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Foley, S.N., Abdi, S. (2012). Avoiding Delegation Subterfuge Using Linked Local Permission Names. In: Barthe, G., Datta, A., Etalle, S. (eds) Formal Aspects of Security and Trust. FAST 2011. Lecture Notes in Computer Science, vol 7140. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29420-4_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-29420-4_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29419-8

  • Online ISBN: 978-3-642-29420-4

  • eBook Packages: Computer ScienceComputer Science (R0)