Changes between Version 3 and Version 4 of TIEDABACDemo


Ignore:
Timestamp:
07/10/09 12:28:50 (10 years ago)
Author:
faber@isi.edu
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • TIEDABACDemo

    v3 v4  
    3737[[Image(Creds.png)]]
    3838
    39 The image above points out that each arrow maps into an ABAC credential: an element that can be used in a proof.  Because each of these is a signed assertion of a fact or delegation of authority, walking the arrows to an attribute corresponds to collecting those signed credentials, which establishes a trust relationship.  ABAC credentials allow principals to negotiate directly about what they consider adequate proof.
     39The image above shows how to walk the chain of attribute assignments and delegations to prove a principal has a given attribute.  In this case, it shows that Ted has the GOP.demo attribute.  It also points out that each arrow maps into an ABAC credential: an element that can be used in a proof.  Because each of these is a signed assertion of a fact or delegation of authority, walking the arrows to an attribute corresponds to collecting those signed credentials, which establishes a trust relationship.  ABAC credentials allow principals to negotiate directly about what they consider adequate proof.