Skip to main content

Technical Reports: CMU-CyLab-06-002

Title:Consumable Credentials in Logic-Based Access Control
Authors:Lujo Bauer, Kevin D. Bowers, Frank Pfenning, and Michael K. Reiter
Publication Date:February 10, 2006


We present a framework to support consumable credentials in a logic-based distributed authorization system. Such credentials convey use-limited authority (e.g., to open a door once) or authority to utilize resources that are themselves limited (e.g., to spend money).We design a framework based on linear logic to enforce the consumption of credentials in a distributed system, and to protect credentials from nonproductive consumption as might result from misbehavior or failure. Finally, we give several usage examples in the framework, and evaluate the performance of our implementation for use in a ubiquitous computing deployment at our institution.

Full Report: CMU-CyLab-06-002