Administration Rights in the SDSD-System [chapter]

Joachim Biskup, Thomas Leineweber, Jörg Parthe
2004 IFIP International Federation for Information Processing  
The SDSD-system offers state-dependent access control in distributed object systems. The system enforces protocols which declare sets of activity sequences as allowed, thereby forbidding any occurence of an activity outside the context of an allowed sequence. In this paper we conceptually extend the SDSD-system by introducing discretionary administration rights for controlling the activities of declaring, binding and starting SDSDprotocols. Additionally, we introduce second level administration
more » ... rights for controlling the grant and revoke activities concerning administration rights. Exploiting the powerful potentials of the SDSD-system, the new concepts are implemented by special administration protocols. Administration protocols are enforced with the same techniques already used for application protocols concerning the functionality of the underlying object system. In this environment recursive revocation is shown to be feasible.
doi:10.1007/1-4020-8070-0_11 fatcat:tvta5ps7ovbdtmsfjvetvkdsam