The IRL Blog
See the latest blog posts from members of the IRL group

IRL Member Blogs

In addition to our main blog on this site, some members of our group also maintain individual blogs:

August 19, 2020 / by John Dellaverson

Paper Reading: Decentralized Trust Management

We recently read the Paper ‘Decentralized Trust Management’ by Matt Blaze, Joan Feigenbaum, and Jack Lacy. To begin with a (very abridged and approximate) summary of the paper itself: the paper was written in 1996, and is primarily concerned with making the argument that not only were then-current trust management systems (PGP, X.509) insufficient/poorly matched to the task of managing trust, but also that a better option would be to have the trust management credential (e.g. the certificate) hold all the information about whether or not an action can be taken. This in turn leads directly to authorization (or lack thereof). To this end, the paper outlined the PolicyMaker system, which implements the aforementioned option. To applications, the system appears to be a query engine on top of a database. The queries are of the form key1, key2, … keyn REQUESTS ActionString. If the ActionString matches some filter (which, to a good approximation, can be either regular expressions or AWK programs) that was set up in PolicyMaker. In this way, PolicyMaker can authenticate requests like ‘Bill for < $500 from Janice’.

Read more

May 01, 2019 / by

Spyridon graduation

Spyridon Mastorakis successfully defended his thesis and graduated!

Read more

June 01, 2018 / by

Haitao Zhang's Graduation

Haitao Zhang successfully defended his Ph.D thesis and graduated!

Read more
Older Entries Newer Entries