Offline delegation

A. Helme; Tage Stabell-Kulo

Offline delegation

A. Helme, Tage Stabell-Kulo

Research output: Contribution to conference › Paper › peer-review

13 Downloads (Pure)

Abstract

This article describes mechanisms for offline delegation of access rights to files maintained by a distributed 'File Repository. The mechanisms are designed for a target environment where personal machines are used at times when critical services, such as authentication and authorization services, are not accessible. We demonstrate how valid delegation credentials can be transferred verbally without the use of shared secrets. Our main result shows that delegation of access rights can be accomplished in a system that uses public-key encryption for secrecy and integrity, without forcing the user to rely on a trusted third party, and without requiring connection to the infrastructure. The implementation runs on a contemporary Personal Digital Assistant (PDA); the performance is satisfactory.

Original language	Undefined
Pages	25-33
Number of pages	9
Publication status	Published - Aug 1999
Event	8th USENIX Security Symposium 1999 - Washington, United States Duration: 23 Aug 1999 → 26 Aug 1999 https://www.usenix.org/legacy/events/sec99/

Conference

Conference	8th USENIX Security Symposium 1999
Country	United States
City	Washington
Period	23/08/99 → 26/08/99
Internet address	https://www.usenix.org/legacy/events/sec99/

Keywords

EWI-1026
IR-56199

Access to Document

helme_offline_delegation
open

Cite this

@conference{b67e3b7fef804b2e8a59f115ab781e51,

title = "Offline delegation",

abstract = "This article describes mechanisms for offline delegation of access rights to files maintained by a distributed 'File Repository. The mechanisms are designed for a target environment where personal machines are used at times when critical services, such as authentication and authorization services, are not accessible. We demonstrate how valid delegation credentials can be transferred verbally without the use of shared secrets. Our main result shows that delegation of access rights can be accomplished in a system that uses public-key encryption for secrecy and integrity, without forcing the user to rely on a trusted third party, and without requiring connection to the infrastructure. The implementation runs on a contemporary Personal Digital Assistant (PDA); the performance is satisfactory.",

keywords = "EWI-1026, IR-56199",

author = "A. Helme and Tage Stabell-Kulo",

note = "Imported from DIES; null ; Conference date: 23-08-1999 Through 26-08-1999",

year = "1999",

month = aug,

language = "Undefined",

pages = "25--33",

url = "https://www.usenix.org/legacy/events/sec99/",

}

TY - CONF

T1 - Offline delegation

AU - Helme, A.

AU - Stabell-Kulo, Tage

N1 - Imported from DIES

PY - 1999/8

Y1 - 1999/8

N2 - This article describes mechanisms for offline delegation of access rights to files maintained by a distributed 'File Repository. The mechanisms are designed for a target environment where personal machines are used at times when critical services, such as authentication and authorization services, are not accessible. We demonstrate how valid delegation credentials can be transferred verbally without the use of shared secrets. Our main result shows that delegation of access rights can be accomplished in a system that uses public-key encryption for secrecy and integrity, without forcing the user to rely on a trusted third party, and without requiring connection to the infrastructure. The implementation runs on a contemporary Personal Digital Assistant (PDA); the performance is satisfactory.

AB - This article describes mechanisms for offline delegation of access rights to files maintained by a distributed 'File Repository. The mechanisms are designed for a target environment where personal machines are used at times when critical services, such as authentication and authorization services, are not accessible. We demonstrate how valid delegation credentials can be transferred verbally without the use of shared secrets. Our main result shows that delegation of access rights can be accomplished in a system that uses public-key encryption for secrecy and integrity, without forcing the user to rely on a trusted third party, and without requiring connection to the infrastructure. The implementation runs on a contemporary Personal Digital Assistant (PDA); the performance is satisfactory.

KW - EWI-1026

KW - IR-56199

M3 - Paper

SP - 25

EP - 33

Y2 - 23 August 1999 through 26 August 1999

ER -