Repository logo
 

Explicit Delegation Using Configurable Cookies

Accepted version
Peer-reviewed

Repository URI

https://www.repository.cam.ac.uk/handle/1810/256299

Repository DOI

https://doi.org/10.17863/CAM.240
Thumbnail Image

Files

Accepted version (1.1 MB)

Type

Conference Object

Change log

Authors

Stajano, Frank  ORCID logo  https://orcid.org/0000-0001-9186-6798

Abstract

Password sharing is widely used as a means of delegating access, but it is open to abuse and relies heavily on trust in the person being delegated to. We present a protocol for delegating access to websites as a natural extension to the Pico protocol. Through this we explore the potential characteristics of delegation mechanisms and how they interact. We conclude that security for the delegator against misbehaviour of the delegatee can only be achieved with the cooperation of the entity offering the service being delegated. To achieve this in our protocol we propose configurable cookies that capture delegated permissions.

Description

Keywords

46 Information and Computing Sciences, 4604 Cybersecurity and Privacy

Journal Title

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Conference Name

Cambridge International Workshop on Security Protocols

Journal ISSN

0302-9743
1611-3349

Volume Title

10368 LNCS

Publisher

Springer

Publisher DOI

https://doi.org/10.1007/978-3-319-62033-6_17

Rights and licensing

undefined
Except where otherwised noted, this item's license is described as http://www.rioxx.net/licenses/all-rights-reserved
Sponsorship
European Research Council (307224)
We are grateful to the European Research Council for funding this research through grant StG 307224 (Pico).

Collections

Scholarly Works - Computer Science and Technology
Symplectic mapped items for data match