In distributed systems, effectively managing access to a large number of resources can be challenging. The situation becomes even more difficult when there are limited computational resources or limited network availability for implementing the access control solution. Examples are Internet of Things (IoT) applications, such as the many internet-connected devices at home. To make them easy to use, there has to be a relatively simple way to manage the large number of devices and to, e.g., grant temporary access to some of them for a visiting friend. In this dissertation, I examine how the problem can be overcome with the Simple Public Key Infrastructure (SPKI), which expresses access rights as cryptographically signed authorisation certificates. I approach the issue from several angles. First, I develop a phase model to analyse the access control process / certificate life-cycle and use it to study SPKI and other certificate technologies for access control while pointing out areas requiring future work. Although SPKI has been studied for some 20 years, standardisation has not been completed. I identify three important missing parts of SPKI: utilising the certificates, and managing and validating online conditions. I also expand the SPKI model to support usage quotas. I then design solutions for all these areas and analyse the resultant system for its applicability, scalability, security and usability. Of particular interest are system performance and privacy. My final focus area is certificate chain reduction, a proposed way to improve the performance and privacy of SPKI. I study the approach in detail, identify the relevant design choices for the systems architect, and design a protocol for requesting reductions. For performance evaluation, we implemented a prototype, which demonstrates that even modern embedded devices can reach transaction times of one second, including all communication delays and using only a software implementation for cryptography.
We also found that the transaction was over 40 % faster with chain reduction, thus proving the promise of improved performance. Using such reductions does require a reduction server, but calculations from our use case show that even with pessimistic assumptions, a single reduction server can support millions of users, thus making scalability a manageable issue. Privacy-wise, SPKI is a good solution with support for anonymous identities, and chain reduction can further improve user privacy by hiding additional information. Finally, all my use cases demonstrate the same certificate chain structure, an hourglass model, which I hypothesise is prevalent in many other systems as well. It forms a natural basis for reduction and provides for consistent performance regardless of certificate chain length.
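As an added illustration of the certificate chain reduction the abstract describes (not code from the dissertation or its prototype), the following constructed Python model folds a chain of SPKI-style 5-tuple certificates into a single certificate. It assumes the certificates' signatures have already been verified, and it simplifies SPKI tag intersection to a prefix rule; the key names and validity values are constructed.

```python
"""Constructed model of SPKI 5-tuple certificate chain reduction.

A certificate is (issuer, subject, delegate, tag, validity), the 5-tuple form
of SPKI/SDSI (RFC 2693).  Signature verification is assumed to have happened
before reduction; only the reduction rule is modelled here.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Cert:
    issuer: str        # key that signed the certificate (the granting party)
    subject: str       # key that receives the authorisation
    delegate: bool     # may the subject pass the authorisation on?
    tag: Tuple[str, ...]  # authorisation as path components, e.g. ("door", "front")
    not_before: int    # validity window as constructed integer timestamps
    not_after: int


def intersect_tags(a: Tuple[str, ...], b: Tuple[str, ...]) -> Optional[Tuple[str, ...]]:
    """Simplified SPKI tag intersection: the more specific tag wins when one
    is a prefix of the other; otherwise the tags do not overlap."""
    shorter, longer = (a, b) if len(a) <= len(b) else (b, a)
    return longer if longer[:len(shorter)] == shorter else None


def reduce_pair(c1: Cert, c2: Cert) -> Optional[Cert]:
    """SPKI reduction of (I1,S1,D1,T1,V1) and (I2,S2,D2,T2,V2):
    valid only if S1 == I2 and D1 is set; yields (I1,S2,D2,T1 n T2,V1 n V2)."""
    if c1.subject != c2.issuer or not c1.delegate:
        return None                      # chain broken or delegation not permitted
    tag = intersect_tags(c1.tag, c2.tag)
    if tag is None:
        return None                      # no common authorisation
    not_before = max(c1.not_before, c2.not_before)
    not_after = min(c1.not_after, c2.not_after)
    if not_before > not_after:
        return None                      # validity windows do not overlap
    return Cert(c1.issuer, c2.subject, c2.delegate, tag, not_before, not_after)


def reduce_chain(chain: List[Cert]) -> Optional[Cert]:
    """Fold a chain ordered from the verifier's root key to the leaf subject."""
    acc = chain[0]
    for cert in chain[1:]:
        acc = reduce_pair(acc, cert)
        if acc is None:
            return None
    return acc


# Constructed home use case: the lock trusts OWNER, OWNER lets RESIDENT use the
# front door and re-delegate, RESIDENT grants FRIEND a short visit.
HOME_CHAIN = [
    Cert("LOCK_KEY", "OWNER", True, ("door",), 0, 10_000),
    Cert("OWNER", "RESIDENT", True, ("door", "front"), 1_000, 8_000),
    Cert("RESIDENT", "FRIEND", False, ("door", "front"), 5_000, 6_000),
]
```

The lock only ever needs the reduced certificate, which is why reduction keeps verification cost constant regardless of how long the original chain was.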
Translated title of the contribution: Hajautettujen järjestelmien pääsynhallinta SPKI-valtuussertifikaattien avulla
Publication status: Published - 2015
MoE publication type: G5 Doctoral dissertation (article)
- authorisation certificates
- access control
- distributed systems