Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Practical Decentralized Attribute-Based Delegation Using Secure Name Systems

 
: Schanzenbach, M.; Banse, C.; Schütte, J.

:

Institute of Electrical and Electronics Engineers -IEEE-:
17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2018. 12th IEEE International Conference on Big Data Science and Engineering, BigDataSE 2018. Proceedings : 31 July - 3 August 2018, New York, New York
Piscataway, NJ: IEEE, 2018
ISBN: 978-1-5386-4388-4
ISBN: 978-1-5386-4387-7
ISBN: 978-1-5386-4389-1
S.244-251
International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) <17, 2018, New York/NY>
International Conference on Big Data Science and Engineering (BigDataSE) <12, 2018, New York/NY>
International Symposium on Security, Privacy and Trust in Internet of Things (SPTIoT) <2, 2018, New York/NY>
Englisch
Konferenzbeitrag
Fraunhofer AISEC ()

Abstract
Identity and trust in the modern Internet are centralized around an oligopoly of identity service providers consisting solely of major tech companies. The problem with centralizing trust has become evident in recent discoveries of mass surveillance and censorship programs as well as information leakage through hacking incidents. One approach to decentralizing trust is distributed, attribute-based access control via attribute-based delegation (ABD). Attribute-based delegation allows a large number of cross-domain attribute issuers to be used in making authorization decisions. Attributes are not only issued to identities, but can also be delegated to other attributes issued by different entities in the system. The resulting trust chains can then be resolved by any entity given an appropriate attribute storage and resolution system. While current proposals often fail at the practicability, we show how attribute-based delegation can be realized on top of the secure GNU Name System (GNS) to solve an authorization problem in a real-world scenario.

: http://publica.fraunhofer.de/dokumente/N-520124.html