Authentication in Distributed Systems: Theory and Practice (1991)
Cached
Download Links
- [courseweb.sp.cs.cmu.edu]
- [www.cs.wisc.edu]
- [www.cs.wisc.edu]
- [people.cs.vt.edu]
- [cs.unomaha.edu]
- [www.research.microsoft.com]
- [www.cse.ucsc.edu]
- [www.cse.nd.edu]
- [www.soe.ucsc.edu]
- [research.microsoft.com]
- [research.microsoft.com]
- [lass.cs.umass.edu]
- [lass.cs.umass.edu]
- [www.nd.edu]
- [www.cs.ucsc.edu]
- [research.microsoft.com]
- [research.microsoft.com]
- [lass.cs.umass.edu]
- [www.cs.utexas.edu]
- [www.cs.utexas.edu]
- [terato.hanyang.ac.kr]
- [www-db.stanford.edu]
- [ftp.digital.com]
- [gatekeeper.dec.com]
- [www.hpl.hp.com]
| Citations: | 403 - 32 self |
BibTeX
@MISC{Lampson91authenticationin,
author = {Butler Lampson and Martin Abadi and Michael Burrows and Edward Wobber},
title = { Authentication in Distributed Systems: Theory and Practice},
year = {1991}
}
Bookmark
 |
 |
 |
 |
 |
 |
OpenURL
Abstract
We describe a theory of authentication and a system that im-plements it. Our theory is based on the notion of principal and a “speaks for ” relation between principals. A simple principal either has a name or is a communication channel; a compound principal can express an adopted role or delegation of authority. The theory explains how to reason about a principal’s authority by deducing the other principals that it can speak for authenticating a channel is one important application, We use the theory to explain many existing and proposed mechanisms for security. In particular, we describe the system we have built. It passes principals efficiently as arguments or results of remote procedure calls, and it handles public and shared key encryption, name lookup in a large name space, groups of principals, loading programs, delegation, access control, and revocation.
