November 19th, 2007
You know how a lot of people, when they post presentation slides, say that it’s really difficult to “get” the presentation from just the slides? Well I mean it. Seriously. My slides have very few words. If you’re still interested, be sure to check out the actual paper (pdf).
I don’t use PowerPoint or the like, instead I use a XUL application that runs in any Mozilla based-browser (like Firefox, Camino, Netscape etc.). In order to see the presentation, you’ll need to use one of those browsers.
This presentation was given at the Digital Identity Management Workshop of CCS in Virginia on 2 November 2007.
To download the presentation to view it locally I’ve also bundled it into a zip file
These slides were presenting the paper Using Reputation to Augment Explicit AuthorizationThe essence of our argument is that there is a spectrum of authorization approaches.
- no authorization
- authentication as authorization (where you can do anything if you are only able to log in)
- explicit authorization where someone has to manually grant access to another person.
The first two can be automated, no manual intervention required. The gap between the second and third is considerable. We believe that reputation can be used to bridge that wide gap giving systems many characteristics of explicit authorization in an automated way, so that the system itself can be self scaling (in terms of authenticating users).