Abstract
ABSTRACTWe refer to an access control system based on subjects and objects. Subjects are active entities, e.g. processes, while objects are passive entities, e.g. messages exchanged between the nodes of a distributed computing environment. The system is partitioned into security classes organized into a tree shaped hierarchy. A subject assigned to a given class can access the objects in this class and in all the classes that descend from this class in the class hierarchy. To this aim, a key is associated with each class. A mechanism of the protection system, called key derivation, allows a subject that holds the key of a given class to transform this key into the keys of the descendant classes. This mechanism is based on a single, publicly known one-way function. If the class hierarchy is modified, by adding a new class or deleting an existing class, the necessary form of key redistribution is partial, and is limited to the classes in the subtree of the root that is involved in the change.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Information Security Journal: A Global Perspective
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
