delegation of authority n.
Skip this Video
Loading SlideShow in 5 Seconds..
Delegation of Authority PowerPoint Presentation
Download Presentation
Delegation of Authority

Delegation of Authority

468 Views Download Presentation
Download Presentation

Delegation of Authority

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Delegation of Authority David Chadwick

  2. Motivations • To allow people to delegate roles to other people, so that they can perform tasks that were previously denied to them • To ease the management of permissions through distribution and delegation, which aids scalability (as opposed to centralised control) • To facilitate inter-organisation federations, by allowing one organisation to leverage the role allocations in another organisation and thereby give them access to their resources in a controlled manner

  3. Assigning and Delegating Privileges in Organisations “I authorise this Privilege Holder to use this resource in the following ways” signed The Resource Owner Resource Owner Assigns privilege “I delegate authority to this End User to use this resource in this limited way” signed The Privilege Holder Privilege Holder End User (Privilege Holder) Delegates privilege

  4. Points to holder AC Points to issuer Points to Issued On Behalf Of Delegation Policy Policy The X.509 Delegation Service SOA Bill Issues AC to Issues AC to AA Alice Delegation Issuing Service (DIS) Issues AC to End Entity Bob

  5. Apache DIS Java DIS Communications DIS Web Service Web browser SSL or Shibboleth Web Service Interface

  6. Issuer’s AC Policy DIS Web Service Authenticate DIS Client Map identities Authn name Authzn name PERMIS RBAC Credential Validation Request Authorisation DIS PEP PDP Delegation Issuing Policy IssueAC Web service interface publishAC Sign AC LDAP server

  7. Demonstration • The DIS demo is available at Acknowledgement This work was funded under the JISC DyVOSE project