Distributed Authorization With Distributed Grammars

Martin Abadi

Mike Burrows

Himabindu Pucha

Adam Sadovsky

Asim Shankar

Ankur Taly

Programming Languages with Applications to Biology and Security, Springer International Publishing Switzerland, Gewerbestrasse 11 CH-6330 Cham (ZG) Switzerland (2015), pp. 10-26

Google Scholar

Abstract

While groups are generally helpful for the definition of authorization policies, their use in distributed systems is not straightforward. This paper describes a design for authorization in distributed systems that treats groups as formal languages. The design supports forms of delegation and negative clauses in authorization policies. It also considers the wish for privacy and efficiency in group-membership checks, and the possibility that group definitions may not all be available and may contain cycles.

Research Areas

Algorithms and Theory
Security, Privacy and Abuse Prevention

Defining the technology of today and tomorrow.

Philosophy

People

Teams

AI/ML Foundations  & Capabilities

Algorithms & Optimization

Computing Paradigms

Responsible Human-Centric Technology

Science & Societal Impact

Projects

Publications

Resources

Shaping the future, together.

Student programs

Faculty programs

Conferences & events

Distributed Authorization With Distributed Grammars

Abstract

Research Areas

Learn more about how we conduct our research

Defining the technology of today and tomorrow.

Philosophy

People

Teams

AI/ML Foundations & Capabilities

Algorithms & Optimization

Computing Paradigms

Responsible Human-Centric Technology

Science & Societal Impact

Projects

Publications

Resources

Shaping the future, together.

Student programs

Faculty programs

Conferences & events

Distributed Authorization With Distributed Grammars

Abstract

Research Areas

Learn more about how we conduct our research

AI/ML Foundations  & Capabilities