We investigate the notion of authentication procedure. We show how this can be split in several phases: establishing that an ability can be performed, deducing a certain information from such an ability, witnessing the authenticity of the information deduced from the ability. In our framework, ability means that one is able to perform role in a protocol. We argue that the concept of ability authentication is more general that the one of identity authentication, that is commonly used in AAA systems. The flexibility provided by our framework of authentication seems also suitable for ubiquitous computing scenarios.
A Flexible Framework for Access Control Based on Ability Authentication.
F Martinelli;A Vaccarelli
2005
Abstract
We investigate the notion of authentication procedure. We show how this can be split in several phases: establishing that an ability can be performed, deducing a certain information from such an ability, witnessing the authenticity of the information deduced from the ability. In our framework, ability means that one is able to perform role in a protocol. We argue that the concept of ability authentication is more general that the one of identity authentication, that is commonly used in AAA systems. The flexibility provided by our framework of authentication seems also suitable for ubiquitous computing scenarios.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
