A Chinese wall security model for decentralized workflow systems
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Secure Component Distribution Using WebCom
SEC '02 Proceedings of the IFIP TC11 17th International Conference on Information Security: Visions and Perspectives
Webcom-G: grid enabled metacomputing
Neural, Parallel & Scientific Computations - Special issue: Grid computing
Security in WebCom: addressing naming issues for a web services architecture
SWS '04 Proceedings of the 2004 workshop on Secure web service
Security controls in the ADEPT-50 time-sharing system
AFIPS '69 (Fall) Proceedings of the November 18-20, 1969, fall joint computer conference
| Hi-index | 0.00 |
Traditional trust management authorisation decisions for distributed technologies, are, in general, based on the history of the authorisations/computation to date. We consider this a pull authorisation strategy: the authorisation decision reflects the current and/or past authorisations. In this paper, we examine this pull strategy and propose an alternative form of authorisation in a distributed environment. Instead of 'pulling' the information required for the current authorisation decisions from the past, authorisation decisions are made to specify what will happen in the future. This strategy is called push authorisation. When a push decision is made, its result is pushed to just the relevant protection mechanisms. This approach allows the creation of distributed separation of duties policies, without requiring additional synchronisation between components in the execution. It allows present actions to inform future authorisation decisions, before those decisions must be made.