Least Privilege & Special Powers of Attorney (UNCLASSIFIED)
- To: <myproxy-users@ncsa.uiuc.edu>
- Subject: Least Privilege & Special Powers of Attorney (UNCLASSIFIED)
- From: "Friedrichs, Paul D CTR DISA PEO-IAN" <Paul.Friedrichs.ctr@disa.mil>
- Date: Thu, 12 Apr 2007 10:22:55 -0400
Classification: UNCLASSIFIED
Caveats: NONE

I'm wondering about least privilege - granting the proxy no more
authority than required to perform the function I want "him" to perform
for me. Part of this is limiting the time frame. But much of it is
specifying the way in which the proxy is authorized by me to act on my
behalf.

It's relatively easy to imagine the proxy credential specifying the
commands and destinations (where the commands are to be sent). But
perhaps I don't understand the details of the function I am asking and
authorizing the proxy to perform on my behalf. At a business level,
perhaps the prospective proxy doesn't even want me to understand the
details for fear of "dis-intermediation." In any case, such specificity
may be excessively restrictive for the proxy, which may have other ways
of getting the job done.

So it seems there would be value in having a schema for specifying
business functions in proxy credentials so relying parties would be able
to understand the restriction. The functions would likely be
domain-specific, but the concept and the syntax might be standardized.

Has there been any thought about how this might be done?

Again, thanks.