A Capability-based System to Enforce Context-aware Permission Sequence
dc.contributor.advisor | Safavi-Naini, Reihaneh S. | |
dc.contributor.author | Li, Shuai | |
dc.contributor.committeemember | Fong, Philip W. L. | |
dc.contributor.committeemember | Reardon, Joel | |
dc.date | 2020-06 | |
dc.date.accessioned | 2020-02-03T18:50:13Z | |
dc.date.available | 2020-02-03T18:50:13Z | |
dc.date.issued | 2020-01-31 | |
dc.description.abstract | With the rise of the Internet of Things, the need for distributed authorization is fast growing. We consider a capability-based distributed authorization system where a client obtains access tokens (capabilities) from an authorization server and, by presenting them to a resource server, obtains access. We propose a capability system that provides efficient and refined (conditional) access to resources. It supports “ordered permission” and “context”, and so allows a sequence of permissions to be enforced, each with its own specific context. We prove the safety property of this system for these conditions, show how it can be incorporated in the OAuth framework, and give an implementation of the system, Griffin, that uses OAuth 2.0 with proof-of-possession tokens and an attribute-based access control model. | en_US |
dc.identifier.citation | Li, S. (2020). A Capability-based System to Enforce Context-aware Permission Sequence (Master's thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca. | en_US |
dc.identifier.doi | http://dx.doi.org/10.11575/PRISM/37549 | |
dc.identifier.uri | http://hdl.handle.net/1880/111611 | |
dc.publisher.faculty | Science | en_US |
dc.publisher.institution | University of Calgary | en |
dc.rights | University of Calgary graduate students retain copyright ownership and moral rights for their thesis. You may use this material in any way that is permitted by the Copyright Act or through licensing that has been assigned to the document. For uses that are not allowable under copyright legislation or licensing, you are required to seek permission. | en_US |
dc.subject | Security and Privacy | en_US |
dc.subject | Distributed Authorization | en_US |
dc.subject | Internet of Things | en_US |
dc.subject | Access Control | en_US |
dc.subject | Security Protocols | en_US |
dc.subject.classification | Computer Science | en_US |
dc.title | A Capability-based System to Enforce Context-aware Permission Sequence | en_US |
dc.type | master thesis | en_US |
thesis.degree.discipline | Computer Science | en_US |
thesis.degree.grantor | University of Calgary | en_US |
thesis.degree.name | Master of Science (MSc) | en_US |
ucalgary.item.requestcopy | true | en_US |