Authentication in Distributed Systems: Theory and Practice

Get BibTex-formatted data

Author

Butler Lampson,Martin Abadi,Michael Burrows,Edward Wobber

Entry type

techreport

Abstract

We describe a theory of authentication and a system that implements it. Our theory is bases on the notion of pricipal and a 'speak for' relation between principals. A simple principal either has a name or is a communication channel; a compound principal can express an adobted role or delegated authority. The theory shows how to reason about a principal's authority by deducing the other principals the other principals that it can speak for; authenticating a channel is one important application. We use the theory to explain many existing and proposed security mechanisms. In particular, we describe the system we have built. It passes principals efficiently as arguments or results of remote procedure calls, and it handles public and shared key encryption, name lookup in a large name space, groups of principals, program loading, delegation, access control, and revocation.

Date

1992 – August

Address

Palo Alto, CA 94301

Institution

Digital Equipment Corp.

Key alpha

Lampson

Publication Date

0000-00-00

Location

A hard-copy of this is in the Papers Cabinet

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Techreport{ Lampson,
	title = "Authentication in Distributed Systems: Theory and Practice",
	author = "Butler Lampson,Martin Abadi,Michael Burrows,Edward Wobber",
	year = "1992",
	month = "August",
	address = "Palo Alto, CA 94301",
	institution = "Digital Equipment Corp.",
	abstract = "We describe a theory of authentication and a system that implements it. Our theory is
bases on the notion of pricipal and a 'speak for' relation between principals. A simple
principal either has a name or is a communication channel; a compound principal can
express an adobted role or delegated authority. The theory shows how to reason about a
principal's authority by deducing the other principals the other principals that it
can speak for; authenticating a channel is one important application. We use the
theory to explain many existing and proposed security mechanisms. In particular, we
describe the system we have built. It passes principals efficiently as arguments or
results of remote procedure calls, and it handles public and shared key encryption,
name lookup in a large name space, groups of principals, program loading, delegation,
access control, and revocation.",
}