The Community for Technology Leaders
RSS Icon
Subscribe
Oakland, CA
May 1, 1989 to May 3, 1989
ISBN: 0-8186-1939-2
pp: 56
ABSTRACT
We present the design of an Identity-based Capability protection system ICAP, which is aimed at a distributed system in a network environment. The semantics of traditional capabilities are modified to incorporate subject identities. This enables the monitoring, mediating, and recording of capability propagations to enforce security policies. It also supports administrative activities such as traceability. We have developed an exception list approach to achieve rapid revocation and the idea of capability propagation trees for complete revocation. Compared with existing capability system designs, ICAP requires much less storage and has the potential of lower cost and better real-time performance. We propose to expand Kain and Landwehr's design taxonomy of capability-based systems to cover a wider range of designs.
INDEX TERMS
null
CITATION
Li Gong, "A Secure Identity-Based Capability System", SP, 1989, 2012 IEEE Symposium on Security and Privacy, 2012 IEEE Symposium on Security and Privacy 1989, pp. 56, doi:10.1109/SECPRI.1989.36277
20 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool