Rights accessRestricted access - publisher's policy
In decentralized network-based environments, resource sharing occurs more frequently as
computing becomes more pervasive. Access to shared resources must be protected allowing
access only to authorized entities. Delegation is a powerful mechanism to provide flexible
and distributed access control when a user acts on another user’s behalf. User’s rights/
attributes are contained in digital certificates and successive delegations generate chains of
certificates.When an access control decision related to a delegation path has to be taken, its
corresponding certificate chain has to be validated. Validation of long delegation paths is
a costly process that might be critical when constrained devices are involved. In this article,
we propose a mechanism called PREON (Prefix Revocation) which is based on prefix codes.
PREON allows a privilege verifier to efficiently check a delegation chain when cascade
revocation is enabled. We show by statistical analysis that our proposal outperforms delegation
systems without prefix coding especially for long delegation paths and high revocation
CitationHinarejos, M. [et al.]. PREON: An efficient cascade revocation mechanism for delegation paths. "Computers and security", Setembre 2010, vol. 29, núm. 6, p. 697-711.
All rights reserved. This work is protected by the corresponding intellectual and industrial property rights. Without prejudice to any existing legal exemptions, reproduction, distribution, public communication or transformation of this work are prohibited without permission of the copyright holder. If you wish to make any use of the work not provided for in the law, please contact: firstname.lastname@example.org