Detailed Information

Wave: A decentralized authorization framework with transitive delegation

Cited 30 time in Web of Science Cited 46 time in Scopus

Andersen, Michael P.; Kumar, Sam; AbdelBaky, Moustafa; Fierro, Gabe; Kolb, John; Kim, Hyung-Sin; Culler, David E.; Popa, Raluca Ada

Issue Date
USENIX Association
Proceedings of the 28th USENIX Security Symposium, pp.1375-1392
Most deployed authorization systems rely on a central trusted service whose compromise can lead to the breach of millions of user accounts and permissions. We present WAVE, an authorization framework offering decentralized trust: no central services can modify or see permissions and any participant can delegate a portion of their permissions autonomously. To achieve this goal, WAVE adopts an expressive authorization model, enforces it cryptographically, protects permissions via a novel encryption protocol while enabling discovery of permissions, and stores them in an untrusted scalable storage solution. WAVE provides competitive performance to traditional authorization systems relying on central trust. It is an open-source artifact and has been used for two years for controlling 800 IoT devices.
Files in This Item:
There are no files associated with this item.
Appears in Collections:

Related Researcher

  • Graduate School of Data Science
Research Area Distributed machine learning, Edge, Mobile AI


Item View & Download Count

  • mendeley

Items in S-Space are protected by copyright, with all rights reserved, unless otherwise indicated.