Delegation is an important aspect of large-scale distributed systems, where many processes and operations run on behalf of system users and clients in order to achieve highly computational and resource-intensive tasks. As such, delegation is often synonymous with the concept of trust, in that the delegator would expect some degree of reliability regarding the delegatee's ability and predictability to perform the delegated task. The delegation protocol itself is expected to maintain certain basic properties, such as integrity, traceability, accountability and the ability to determine delegation chains. In this paper, we give an overview of the vulnerabilities exhibited by one such delegation protocol, namely DToken, a lightweight protocol for Grid systems, as interesting examples of design mistakes. We also propose an alternative protocol, DToken II, which fixes these vulnerabilities.