Conclusions

In this paper we presented a generic authorization mechanism that supports a variety of security mechanisms based on public or secret key cryptography. The mechanism is extensible across multiple applications supporting different operations and different kinds of protected objects. Alternative implementations may be chosen for underling security services that support the API. By extending the traditional ACLs and capabilities with conditions on authorized rights we are able to support a flexible distributed authorization mechanism, allowing applications and users to define their own access control policies either independently or in conjunction with centralized authorization and group servers. The problem of policy translation is addressed by using generic or application-specific evaluation functions. We are going to investigate the request and evaluation of additional credentials. The assumption that all relevant credentials are passed for evaluation contradicts privacy requirements. It might not be always desirable to reveal group membership and principal attributes up front. We have integrated our model with several applications.