VPAF

A variety of credential validation and transitive trust models have been developed that provide a wide range of semantics including conveyance of credential revocation, currently available trust management systems marry a particular certificate validation scheme with a particular transitive trust model. This pairing limits the versatility of the resulting access control frameworks to contexts where both are well suited to the application domain. Furthermore, trust management may be employed to enable a prolonged access such as ability to login or control a particular vehicle where it would be inefficient for each command to trigger a distinct access control decision. However, currently available trust management systems are designed to authorize instantaneous transactions and provide no mechanism to inform the access controller should the coalition be terminated.

Validated and Prolonged Authentication Framework addresses both these challenges by providing a generic access decision framework that enables the modular pairing of validation and authorization components based on application constraints in a manner that enables the monitoring of access control decisions. VPAF will provide an access controller "client" interface that accepts access control queries comprising the Access Request specifying the requestor's identity, the credentials they present. And the access control class being requested, VPAF then manages the validation of these credentials, which is actually carried out by a generic Credential Validation module, and the tasking of a generic Authorization Module to determine the access control decision the validated credentials convey. In order to enable flexible configuration, the credential format is opaque to VPAF, and its payload's format is opaque to both the Validation Module and VPAF, as is the specification of requested access class and the access decision. VPAF maintains an evidence locker responsible for storing credentials including their payloads and validation status and their relevance to access control decisions. It also is responsible for triggering re-evaluation of an authorization relationship when an associated credential's validation status changes.

A recent publication on this research topic can be found in my Publications page.