We present a set of security mechanisms supporting a form of split consensus between subjects that grant permissions to exert rights to access objects, and subjects that hold these rights. Our solution is based on lock-key pairs. A key specifies a collection of access rights, and a category for each access right. For each category, a lock states whether an access right in that category is valid, or not. We illustrate a few examples of applications, including file security, a form of priority-based access control, access control lists, and capability lists supporting hierarchical object structures.
Split consensus for object security
Lanfranco Lopriore
2023-01-01
Abstract
We present a set of security mechanisms supporting a form of split consensus between subjects that grant permissions to exert rights to access objects, and subjects that hold these rights. Our solution is based on lock-key pairs. A key specifies a collection of access rights, and a category for each access right. For each category, a lock states whether an access right in that category is valid, or not. We illustrate a few examples of applications, including file security, a form of priority-based access control, access control lists, and capability lists supporting hierarchical object structures.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
