Technical Report

January 2006


University of Pennsylvania Department of Computer and Information Science Technical Report No. MS-CIS-06-02.


The Internet enables global sharing of data across organizational boundaries. Traditional access control mechanisms are intended for one or a small number of machines under common administrative control, and rely on maintaining a centralized database of user identities. They fail to scale to a large user base distributed across multiple organizations. This survey provides a taxonomy of decentralized access control mechanisms intended to operate at large scale, in both the number of administrative domains and the number of users. We identify essential properties of such access control mechanisms. We analyze popular networked file systems in the context of our taxonomy.


Keywords: authentication, authorization, certificates, credentials, decentralized access control, networked file systems, trust management



