Search results
1 – 2 of 2Mariemma I. Yagüe, Antonio Maña, Javier López, Ernesto Pimentel and José M. Troya
Distributed systems usually contain objects with heterogeneous security requirements that pose important challenges for the underlying security mechanisms and especially in access…
Abstract
Distributed systems usually contain objects with heterogeneous security requirements that pose important challenges for the underlying security mechanisms and especially in access control systems. Access control in distributed systems often relies on centralised security administration. Existing solutions for distributed access control do not provide the flexibility and manageability required. This paper presents the XML‐based secure content distribution (XSCD) infrastructure, which is based on the production of protected software objects that convey contents (software or data) and can be distributed without further security measures because they embed the access control enforcement mechanism. It also provides means for integrating privilege management infrastructures (PMIs). Semantic information is used in the dynamic instantiation and semantic validation of policies. XSCD is scalable, facilitates the administration of the access control system, guarantees the secure distribution of the contents, enables semantic integration and interoperability of heterogeneous sources, provides persistent protection and allows actions (such as payment) to be bound to the access to objects.
Details
Keywords
Vicente Benjumea, Javier Lopez and Jose M. Troya
To provide a cryptographic protocol for anonymously accessing services offered on the web. Such anonymous accesses can be disclosed or traced under certain conditions.
Abstract
Purpose
To provide a cryptographic protocol for anonymously accessing services offered on the web. Such anonymous accesses can be disclosed or traced under certain conditions.
Design/methodology/approach
The “traceable signature” scheme was used in conjunction with the “privilege management infrastructure”.
Findings
The cryptographic primitive provides a suitable tool for anonymous and unlinkable access to web resources based on the privileges that users hold. Moreover, the scheme allows for anonymity revocation and tracing of unlinkable accesses.
Research limitations/implications
The power of the attribute authority should be divided into several entities, one of them being a trusted third party, to avoid illicit disclosing of information.
Practical implications
New systems with support for anonymous access to web resources can be developed.
Originality/value
This paper adds the unlinkability property to anonymous accesses together with a tracing facility to existing proposals.