A Proof-Carrying Authorization System
Abstract:
We describe an infrastructure for distributed
authorization based on the ideas of proof-carrying authorization
(PCA). PCA is more general and more flexible than traditional
distributed authorization systems. We extend PCA with the notion of
goals and sessions, and add a module system to the proof language.
Our framework makes it possible to locate and use pieces of the
security policy that have been distributed across arbitrary hosts. We
provide a mechanism which allows pieces of the security policy to be
hidden from unauthorized clients. As a prototype application we have
developed modules that extend a standard web server and a standard web
browser to use proof-carrying authorization to control access to web
pages. The web browser generates proofs mechanically by iteratively
fetching proof components until a proof can be constructed. We provide
for iterative authorization, by which a server can require a browser
to prove a series of challenges. Our prototype implementation includes
a series of optimizations, such as speculative proving and
modularizing and caching proofs, which allows proof-carrying
authorization to be used with minimal performance and bandwidth
overheads.
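As an added illustration of the exchange the abstract describes (goal-directed fetching of distributed proof components by the browser, checking of the finished proof by the server, and a session of challenges served from one component cache), here is a toy simulation written for this page. It is not the paper's system: the "X says G" rule language, the host names, the principals and the shared-key HMAC signatures are all constructed stand-ins.

```python
import hmac, hashlib

# Constructed example: shared HMAC keys stand in for the public-key signatures a
# real PCA deployment would use; the verifier must know every issuer's key.
KEYS = {"server.example": b"k-server", "admin.example": b"k-admin", "hr.example": b"k-hr"}
LOCATION = {"server": "server.example", "admin": "admin.example", "hr": "hr.example"}

def sign(host, goal, premises):
    """Issuer's signature over one proof component: goal justified by premises."""
    return hmac.new(KEYS[host], f"{goal} <- {' & '.join(premises)}".encode(), hashlib.sha256).hexdigest()

# Pieces of the security policy distributed across hosts; a component with no
# premises is a credential, i.e. a leaf of the proof.
HOSTS = {h: {} for h in KEYS}
for host, goal, *premises in [
        ("server.example", "server says read(alice,/secret)", "admin says read(alice,/secret)"),
        ("admin.example", "admin says read(alice,/secret)", "hr says read(alice,/secret)"),
        ("hr.example", "hr says read(alice,/secret)")]:
    HOSTS[host][goal] = (tuple(premises), sign(host, goal, premises))

def build_proof(goal, cache, log):
    """Browser side: fetch the component for goal (unless cached), then prove its
    premises recursively. Returns None when no proof can be assembled."""
    if goal not in cache:
        host = LOCATION.get(goal.split(" says ")[0])   # who speaks for this goal
        log.append(f"GET {host} {goal}")               # one fetch per new component
        comp = HOSTS.get(host, {}).get(goal)
        if comp is None:
            return None
        cache[goal] = comp
    premises, sig = cache[goal]
    subproofs = [build_proof(p, cache, log) for p in premises]
    return None if None in subproofs else (goal, sig, subproofs)

def check_proof(proof, goal):
    """Server side: proof must end in goal, every step signed by its principal; no search."""
    g, sig, subs = proof
    premises = tuple(sp[0] for sp in subs)
    host = LOCATION.get(g.split(" says ")[0])
    return (g == goal and host in KEYS and hmac.compare_digest(sig, sign(host, g, premises))
            and all(check_proof(sp, p) for sp, p in zip(subs, premises)))

def session(challenges):
    """Iterative authorization: challenges answered in turn, cache kept for the session."""
    cache, log = {}, []
    for goal in challenges:
        proof = build_proof(goal, cache, log)
        if proof is None or not check_proof(proof, goal):
            return False, log
    return True, log
```

Running `session` with a second challenge whose components were already fetched for the first shows the caching effect: the fetch log does not grow, while a tampered signature or an unprovable goal makes `check_proof` or `build_proof` fail.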