The access control model plays a central role in most of computer security. It is pervasive and provides a basis for secrecy and integrity security policies. Authentication and authorization are two of the fundamental components of this model. In a distributed system, authentication and authorization are harder, in particular because of the heterogeneity and the autonomy of subsystems.
This project addresses problems and opportunities related to access control in distributed systems. It aims to further the design and analysis of models and mechanisms for authentication and authorization. In particular, it investigates the design and analysis of protocols for authentication and related purposes. It also investigates fine-grained authorization in extensible software systems. Some parts of this project are rather informal; others exploit ideas from programming-language research and rely on the development of formal calculi.