Solving identity delegation problem in the e-government environment

At present, many countries allow citizens or entities to interact with the government outside the telematic environment through a legal representative who is granted powers of representation. However, if the interaction takes place through the Internet, only primitive mechanisms of representation are available, and these are mainly based on non-dynamic offline processes that do not enable quick and easy identity delegation. This paper proposes a system of dynamic delegation of identity between two generic entities that can solve the problem of delegated access to the telematic services provided by public authorities. The solution herein is based on the generation of a delegation token created from a proxy certificate that allows the delegating entity to delegate identity to another on the basis of a subset of its attributes as delegator, while also establishing in the delegation token itself restrictions on the services accessible to the delegated entity and the validity period of delegation. Further, the paper presents the mechanisms needed to either revoke a delegation token or to check whether a delegation token has been revoked. Implications for theory and practice and suggestions for future research are discussed

Secure Dynamic Cloud-based Collaboration with Hierarchical Access

In recent years, the Cloud has emerged as an attractive way of hosting and delivering services over the Internet. This has resulted in a renewed focus on information security in the case where data is stored in the virtual space of the cloud and is not physically accessible to the customer. Through this thesis the boundaries of securing data in a cloud context, while retaining the benefits of the cloud, are explored. The thesis addresses the increasing security concerns of migrating to the cloud andutilising it for data storage.The research of this thesis is divided into three separate areas: securing data in an untrusted cloud environment, ensuring data access control in the cloud, and securing data outside the cloud in the user's environment. Each area is addressed by separate conceptual designs. Together these comprise a secure dynamic cloud-based collaboration environment with hierarchical access. To further validate the conceptual designs, proof of concept prototypes have been constructed.The conceptual designs have been devised by exploring and extending the boundaries of existing secure data-storage schemes, and then combining these with well-known security principles and cutting-edge research within the field of cryptography. The results of this thesis are feasible conceptual designs for a cloud-based dynamic collaboration environment. The conceptual designs address the challenges of secure cloud-based storage and allow the benefits of cloud-based storage to be utilised. Furthermore, this thesis provides a solid foundation for further work within this field

Anonymity and trust in the electronic world

Privacy has never been an explicit goal of authorization mechanisms. The traditional approach to authorisation relies on strong authentication of a stable identity using long term credentials. Audit is then linked to authorization via the same identity. Such an approach compels users to enter into a trust relationship with large parts of the system infrastructure, including entities in remote domains. In this dissertation we advance the view that this type of compulsive trust relationship is unnecessary and can have undesirable consequences. We examine in some detail the consequences which such undesirable trust relationships can have on individual privacy, and investigate the extent to which taking a unified approach to trust and anonymity can actually provide useful leverage to address threats to privacy without compromising the principal goals of authentication and audit. We conclude that many applications would benefit from mechanisms which enabled them to make authorization decisions without using long-term credentials. We next propose specific mechanisms to achieve this, introducing a novel notion of a short-lived electronic identity, which we call a surrogate. This approach allows a localisation of trust and entities are not compelled to transitively trust other entities in remote domains. In particular, resolution of stable identities needs only ever to be done locally to the entity named. Our surrogates allow delegation, enable role-based access control policies to be enforced across multiple domains, and permit the use of non-anonymous payment mechanisms, all without compromising the privacy of a user. The localisation of trust resulting from the approach proposed in this dissertation also has the potential to allow clients to control the risks to which they are exposed by bearing the cost of relevant countermeasures themselves, rather than forcing clients to trust the system infrastructure to protect them and to bear an equal share of the cost of all countermeasures whether or not effective for them. This consideration means that our surrogate-based approach and mechanisms are of interest even in Kerberos-like scenarios where anonymity is not a requirement, but the remote authentication mechanism is untrustworthy

Design and semantics of a decentralized authorization language

We present a declarative authorization language that strikes a careful balance between syntactic and semantic simplicity, policy expressiveness, and execution efficiency. The syntax is close to natural language, and the semantics consists of just three deduction rules. The language can express many common policy idioms using constraints, controlled delegation, recursive predicates, and negated queries. We describe an execution strategy based on translation to Datalog with Constraints, and table-based resolution. We show that this execution strategy is sound, complete, and always terminates, despite recursion and negation, as long as simple syntactic conditions are met