Avoiding Delegation Subterfuge Using Linked Local Permission Names

Foley, Simon N.; Abdi, Samane

doi:10.1007/978-3-642-29420-4_7

Simon N. Foley¹⁹ &
Samane Abdi¹⁹

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7140))

Included in the following conference series:

International Workshop on Formal Aspects in Security and Trust

782 Accesses
6 Citations

Abstract

Trust Management systems are typically explicit in their assumption that principals are uniquely identifiable. However, the literature has not been as prescriptive concerning the uniqueness of the permissions delegated by principals. Delegation subterfuge may arise when there is ambiguity concerning the uniqueness and interpretation of a permission. As a consequence, delegation chains that are used by principals to prove authorization may not actually reflect the original intention of all of the participants in the chain. This paper describes an extension to SPKI/SDSI that uses the notion of linked local permissions to eliminate ambiguity concerning the interpretation of a permission and thereby avoid subterfuge attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 54.99; Price excludes VAT (USA)

Softcover Book: USD 69.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Guidelines for the issuance and management of extended validation certificates. Tech. rep., CA/Browser Forum (2009), http://cabforum.org/Guidelines_v1_2.pdf
Abadi, M.: On sdsi’s linked local name spaces. In: Proceedings of the 10th Computer Security Foundations Workshop (CSFW 1997), p. 98. IEEE Computer Society, Washington, DC, USA (1997)
Chapter Google Scholar
Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The keynote trust-management system, version 2 (September 1999)
Google Scholar
Blaze, M., Feigenbaum, J., Strauss, M.: Compliance Checking in the Policymaker Trust Management System. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 254–274. Springer, Heidelberg (1998)
Chapter Google Scholar
CCITT Draft Recomendation: The Directory Authentication Framework, Version 7 (November 1987)
Google Scholar
Clarke, D., Elien, J., Ellison, C., Fredette, M., Morcos, A., Rivest, R.L.: Certificate chain discovery in spki/sdsi. Journal of Computer Security 9(4), 285–322 (2001)
Google Scholar
Ellison, C.: The nature of a usable PKI. Computer Networks 31, 823–830 (1999)
Article Google Scholar
Feeney, K., Lewis, D., O’Sullivan, D.: Service oriented policy management for web-application frameworks. IEEE Internet Computing Magazine 6(13), 39–47 (2009)
Article Google Scholar
Feeney, K., Brennan, R., Foley, S.N.: A trust model for capability delegation in federated policy systems. In: International Conference on Network and Service Management, pp. 226–229. IEEE (2010)
Google Scholar
Foley, S.N., Zhou, H.: Authorisation subterfuge by delegation in decentralised networks. In: International Security Protocols Workshop, Cambridge, UK (April 2005)
Google Scholar
Foley, S.: Noninterference analysis of delegation subterfuge. In: IEEE Computer Security Foundations Workshop, short-presentations (2006)
Google Scholar
Li, J., Li, N., Winsborough, W., Mitchell, J.C.: Distributed Credential Chain Discovery in Trust Management. Journal of Computer Security 11(1) (2003)
Google Scholar
Rivest, R.: S-expressions. In: Internet Draft draft-rivest-sexp-00.txt, IEFT Network Working Group (1997)
Google Scholar
Zeller, T.: Purloined domain name is an unsolved mystery. New York Times (January 18, 2005)
Google Scholar
Zhou, H., Foley, S.N.: A Logic for Analysing Subterfuge in Delegation Chains. In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2005. LNCS, vol. 3866, pp. 127–141. Springer, Heidelberg (2006)
Chapter Google Scholar
Zhou, H., Foley, S.N.: A framework for establishing decentralized secure coalitions. In: Proceedings of IEEE Computer Security Foundations Workshop. IEEE CS Press (2006)
Google Scholar

Download references

Author information

Authors and Affiliations

Cork Constraint Computation Centre, Department of Computer Science, University College Cork, Ireland
Simon N. Foley & Samane Abdi

Authors

Simon N. Foley
View author publications
You can also search for this author in PubMed Google Scholar
Samane Abdi
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

IMDEA Software Institute, Universidad Politecnica de Madrid, Campus Montegancedo, 28660, Boadilla del Monte, Madrid, Spain
Gilles Barthe
Carnegie Mellon University, NASA Research Park, Bldg. 23 (MS 23-11), P.O. Box 1, 94035-0001, Moffet Field, CA, USA
Anupam Datta
Faculty of Mathematics and Computer Science, Embedded Systems Security Group, Technical University of Eindhoven, P.O. Box 513, 5600 MB, Eindhoven, The Netherlands
Sandro Etalle

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Foley, S.N., Abdi, S. (2012). Avoiding Delegation Subterfuge Using Linked Local Permission Names. In: Barthe, G., Datta, A., Etalle, S. (eds) Formal Aspects of Security and Trust. FAST 2011. Lecture Notes in Computer Science, vol 7140. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29420-4_7

Download citation

DOI: https://doi.org/10.1007/978-3-642-29420-4_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29419-8
Online ISBN: 978-3-642-29420-4
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics