Authentication and access control are normally considered separate security concepts that have separate goals and are supported by separate security mechanisms. In most operating systems, however, access control is exclusively based on the identity of the requesting principal, e.g., an access control mechanism based on Access Control Lists simply verifies that the authenticated identity of the requesting principal is on the list of authorized users. In this paper we propose a delegation mechanism for nomadic users, which exploits the amalgamation of authentication and access control in most operating systems by delegating privileges at the identity level. The complexity of classic delegation models, especially when they strictly follow the principle of least privilege, often leads to poor usability, which motivates users to circumvent the default delegation mechanism. Identity delegation, on the other hand, makes good use of trust relationships between users of a particular environment and offers the possibility of improved usability. Although it might violate the principle of least privilege, in practice it could increase the overall security of a nomadic environment where users need to frequently delegate their duties. The proposed mechanism is independent of the choice of access control mechanism, as there is no distinction between a delegator and a delegatee for the rest of the system and the delegation event is only logged at the authentication level. Due to its improved usability, the motivation for sharing authentication tokens is reduced.
|Title of host publication||Identity and Privacy in the Internet Age, Proceedings : Lecture Notes in Computer Science|
|Publication status||Published - 2009|
|Event||NordSec 2009 (Duration: 1 Jan 2009 → …)|
|Period||01/01/2009 → …|