Identity and trust in the modern Internet are centralized around an oligopoly of identity service providers consisting solely of major tech companies. The problem with centralizing trust has become evident in recent discoveries of mass surveillance and censorship programs as well as information leakage through hacking incidents. One approach to decentralizing trust is distributed, attribute-based access control via attribute-based delegation (ABD). Attribute-based delegation allows a large number of cross-domain attribute issuers to be used in making authorization decisions. Attributes are not only issued to identities, but can also be delegated to other attributes issued by different entities in the system. The resulting trust chains can t...
The proposed research is in the area of attribute-based authorization systems. We address two specif...
This paper describes a security system for authorization in open networks. Authorization means autho...
Abstract. Delegation is an important tool for authorization in large distributed environments. Howev...
In this paper we present reclaimID: An architecture that allows users to reclaim their digital ident...
The ubiquity of the Internet has led to increased resource sharing between large numbers of users in...
Today, user attributes are managed at centralized identity providers. However, two centralized ident...
Attributes define, classify, or annotate the datum to which they are assigned. However, traditional ...
In several distributed systems a user should only be able to access data if a user posses a certain ...
Attributes define, classify, or annotate the datum to which they are assigned. However, traditional ...
International audienceIn several distributed systems a user should only be able to access data if a ...
We present the deficiencies of traditional identity-based authorization models in structured Peer-to...
In several distributed systems a user should only be able to access data if a user posses a certain ...
As the web has become a place for sharing of information and resources across varied domains, there ...
In this thesis we examine several aspects of data-centric security. In particular, we take a look at...
We describe a system whose purpose is to explore the use of certificates for the distributed manage...
The proposed research is in the area of attribute-based authorization systems. We address two specif...
This paper describes a security system for authorization in open networks. Authorization means autho...
Abstract. Delegation is an important tool for authorization in large distributed environments. Howev...
In this paper we present reclaimID: An architecture that allows users to reclaim their digital ident...
The ubiquity of the Internet has led to increased resource sharing between large numbers of users in...
Today, user attributes are managed at centralized identity providers. However, two centralized ident...
Attributes define, classify, or annotate the datum to which they are assigned. However, traditional ...
In several distributed systems a user should only be able to access data if a user posses a certain ...
Attributes define, classify, or annotate the datum to which they are assigned. However, traditional ...
International audienceIn several distributed systems a user should only be able to access data if a ...
We present the deficiencies of traditional identity-based authorization models in structured Peer-to...
In several distributed systems a user should only be able to access data if a user posses a certain ...
As the web has become a place for sharing of information and resources across varied domains, there ...
In this thesis we examine several aspects of data-centric security. In particular, we take a look at...
We describe a system whose purpose is to explore the use of certificates for the distributed manage...
The proposed research is in the area of attribute-based authorization systems. We address two specif...
This paper describes a security system for authorization in open networks. Authorization means autho...
Abstract. Delegation is an important tool for authorization in large distributed environments. Howev...