Authentication in Distributed Systems: Theory and Practice
Date: November 1992
Publication: ACM Transactions on Computer Systems Volume 10, Number 4
Page(s): 265 - 310
Source 1: http://users.soe.ucsc.edu/~abadi/Papers/theory.pdf
Source 2: http://research.microsoft.com/en-us/um/people/blampson/45-AuthenticationTheoryAndPractice/Acrobat.pdf
Source 3: http://dx.doi.org/10.1145/138873.138874 - Subscription or payment required
We describe a theory of authentication and a system that implements it. Our theory is based on the notion of principal and a “speaks for” relation between principals. A simple principal either has a name or is a communication channel; a compound principal can express an adopted role or delegated authority. The theory shows how to reason about a principal's authority by deducing the other principals that it can speak for; authenticating a channel is one important application. We use the theory to explain many existing and proposed security mechanisms. In particular, we describe the system we have built. It passes principals efficiently as arguments or results of remote procedure calls, and it handles public and shared key encryption, name lookup in a large name space, groups of principals, program loading, delegation, access control, and revocation.
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.