Duplication Problem in Treaty systems: Causes and Solutions

Yining Zhao1 and Alan Wood2

  1. Department of Computer Science
    University of York, York, UK
    yz616@york.ac.uk
  2. Department of Computer Science
    University of York, York, UK
    alan.wood@york.ac.uk

Abstract

Capabilities are a more scalable and adaptive access control approach compared with the conventional approaches such as ACLs, due to their being held and managed by users or agents in systems, but not the middleware. This feature makes capabilities more suitable in distributed environments that have dynamic populations. Treaties have been proposed to enhance the capability approach by introducing sequences of actions, such that treaties can capture characteristics of behaviours, and provide finer control over accesses. However there is a new problem brought by the behaviour modeling of treaties which is called duplication problem, which concerns preventing users from gaining unauthorized behaviour by duplicating treaties. In this paper we provide the formal definitions of treaty operations, and discuss the causes of the duplication problem, and how treaty operations can affect this. We also propose three models of treaty systems that aim to solve the duplication problem, and evaluating their performance and scalability.

Key words

Behaviour Control, Access Control, Duplication Problem, Treaties, Distributed Computing

Digital Object Identifier (DOI)

https://doi.org/10.2298/CSIS130204009Z

Publication information

Volume 11, Issue 1 (January 2014)
Year of Publication: 2014
ISSN: 1820-0214 (Print) 2406-1018 (Online)
Publisher: ComSIS Consortium

Full text

DownloadAvailable in PDF
Portable Document Format

How to cite

Zhao, Y., Wood, A.: Duplication Problem in Treaty systems: Causes and Solutions. Computer Science and Information Systems, Vol. 11, No. 1, 291–308. (2014)