|Title||On the deployment of a real scalable delegation service|
|Publication Type||Journal Article|
|Year of Publication||2007|
|Authors||J. Lopez, I. Agudo, and J. A. Montenegro|
|Journal||Information Security Technical Report|
|Date Published||Jun 2007|
This paper explains the evolution of the concept of delegation since its first references in the context of distributed authorization to the actual use as a fundamental part of a privilege management architecture. The work reviews some of the earliest contributions that pointed out the relevance of delegation when dealing with distributed authorization, in particular we comment on PolicyMaker and Keynote, and also on SDSI/SPKI. Then, we elaborate on Federation as a particular case of delegation, and remark the importance given to federation by the industry. Finally, the paper discusses about privilege management infrastructures, introducing a new mechanism to extend their functionality using advanced delegation services.
On the deployment of a real scalable delegation service