Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Security Protocols

Security Protocols 2002: Security Protocols pp 96–103Cite as

Contractual Access Control

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2845))

Abstract

In this position paper we discuss the issue of enforcing access policies in distributed environments where there is no central system designer/administrator, and consequently no guarantee that policies will be properly implemented by all components of the system. We argue that existing access control models, which are based on the concepts of permission and prohibition, need to be extended with the concept of entitlement. Entitlement to access a resource means not only that the access is permitted but also that the controller of the resource is obliged to grant the access when it is requested. An obligation to grant the access however does not guarantee that it will be granted: agents are capable of violating their obligations. In the proposed approach we discuss a Community Regulation Server that not only reasons about access permissions and obligations, but also updates the normative state of a community according to the contractual performance of its interacting agents.

This work is supported by the Swedish Agency for Innovation Systems (Vinnova) as part of the Policy Based Management Project.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bandmann, O., Dam, M., Firozabadi, B.S.: Constrained Delegations. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 131–140 (2002)

    Google Scholar 

  2. Sadighi Firozabadi, B., Sergot, M., Bandmann, O.: Using Authority Certificates to Create Management Structures. In: Proceedings of the 9th International Workshop on Security Protocols, Cambridge, UK (April 2001) (to appear)

    Google Scholar 

  3. Firozabadi, B.S., Sergot, M.: Revocation Schemes for Delegated Authorities. In: Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks, Monterey, California, USA, June 2002, pp. 210–213. IEEE, Los Alamitos (2002)

    Chapter  Google Scholar 

  4. Foster, I., Kesselman, C., Nick, J., Tuecke, S.: The physiology of the grid: An open grid services architecture for distributed systems integration (January 2002), http://www.globus.org/research/papers/ogsa.pdf

  5. Foster, I., Kesselman, C., Tuecke, S.: The Anatomy of the Grid – Enabling Scalable Virtual Organisations. International Journal of Supercomputer Applications 15(3) (2001)

    Google Scholar 

  6. Pearlman, L., Welch, V., Foster, I., Kesselman, C.: A Community Authorisation Service for Group Collaboration. In: Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks, Monterey, California, USA, June 2002, pp. 50–59. IEEE, Los Alamitos (2002)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Swedish Institute of Computer Science (SICS),  

    Babak Sadighi Firozabadi

  2. Imperial College of Science, Technology and Medicine,  

    Marek Sergot

Authors
  1. Babak Sadighi Firozabadi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marek Sergot
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, University of Hertfordshire,  

    Bruce Christianson

  2. Computer Systems Group, Vrije Universiteit, Amsterdam, The Netherlands

    Bruno Crispo

  3. Georgia Institute of Technology, Atlanta, GA

    James A. Malcolm

  4. Microsoft Research, Cambridge, UK

    Michael Roe

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Firozabadi, B.S., Sergot, M. (2004). Contractual Access Control. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2002. Lecture Notes in Computer Science, vol 2845. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39871-4_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-39871-4_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20830-3

  • Online ISBN: 978-3-540-39871-4

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation