Consumable Credentials in Logic-Based Access Control

Ljudevit Bauer, Kevin D Bowers, Frank Pfenning, Michael K. Reiter
We present a framework to support consumable credentials in a logic-based distributed authorization system. Such credentials convey use-limited authority (e.g., to open a door once) or authority to utilize resources that are themselves limited (e.g., to spend money).We design a framework based on linear logic to enforce the consumption of credentials in a distributed system, and to protect credentials from nonproductive consumption as might result from misbehavior or failure. Finally, we give
more » ... Finally, we give several usage examples in the framework, and evaluate the performance of our implementation for use in a ubiquitous computing deployment at our institution.
doi:10.1184/r1/6467834 fatcat:xy4hqjlwyfc4xorodsroyn74t4