The complexity of propositional linear temporal logics
Journal of the ACM (JACM)
Handbook of logic in computer science (vol. 4)
History-based access control for mobile code
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
ACM Transactions on Information and System Security (TISSEC)
Communications of the ACM
Notions of reputation in multi-agents systems: a review
Proceedings of the first international joint conference on Autonomous agents and multiagent systems: part 1
Automated Software Engineering
Stack inspection: Theory and variants
ACM Transactions on Programming Languages and Systems (TOPLAS)
Temporal Logic with Forgettable Past
LICS '02 Proceedings of the 17th Annual IEEE Symposium on Logic in Computer Science
Event Structure Semantics for CCS and Related Languages
Proceedings of the 9th Colloquium on Automata, Languages and Programming
Synthesizing Monitors for Safety Properties
TACAS '02 Proceedings of the 8th International Conference on Tools and Algorithms for the Construction and Analysis of Systems
The Eigentrust algorithm for reputation management in P2P networks
WWW '03 Proceedings of the 12th international conference on World Wide Web
A Logic for Reasoning about Digital Rights
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Word problems requiring exponential time(Preliminary Report)
STOC '73 Proceedings of the fifth annual ACM symposium on Theory of computing
Log Auditing through Model-Checking
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
A logical specification for usage control
Proceedings of the ninth ACM symposium on Access control models and technologies
Reputation-based trust management
Journal of Computer Security - Special issue on WITS'03
A survey of trust and reputation systems for online service provision
Decision Support Systems
The temporal logic of programs
SFCS '77 Proceedings of the 18th Annual Symposium on Foundations of Computer Science
Using Trust for Secure Collaboration in Uncertain Environments
IEEE Pervasive Computing
History-based access control with local policies
FOSSACS'05 Proceedings of the 8th international conference on Foundations of Software Science and Computation Structures
A calculus for trust management
FSTTCS'04 Proceedings of the 24th international conference on Foundations of Software Technology and Theoretical Computer Science
A First-Order Policy Language for History-Based Transaction Monitoring
ICTAC '09 Proceedings of the 6th International Colloquium on Theoretical Aspects of Computing
CONCUR'10 Proceedings of the 21st international conference on Concurrency theory
Towards defining semantic foundations for purpose-based privacy policies
Proceedings of the first ACM conference on Data and application security and privacy
A trust-augmented voting scheme for collaborative privacy management
STM'10 Proceedings of the 6th international conference on Security and trust management
Deriving trust from experience
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
On XACML's adequacy to specify and to enforce HIPAA
HealthSec'12 Proceedings of the 3rd USENIX conference on Health Security and Privacy
Proceedings of the 18th ACM symposium on Access control models and technologies
Relational abstraction in community-based secure collaboration
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
An HBAC-based approximation for IBAC programs
Proceedings of the 6th International Conference on Security of Information and Networks
Interaction provenance model for unified authentication factors in service oriented computing
Proceedings of the 4th ACM conference on Data and application security and privacy
A trust-augmented voting scheme for collaborative privacy management
Journal of Computer Security - STM'10
Hi-index | 0.00 |
Reputation systems are meta systems that record, aggregate and distribute information about principals' behaviour in distributed applications. Similarly, history-based access control systems make decisions based on programs' past security-sensitive actions. While the applications are distinct, the two types of systems are fundamentally making decisions based on information about the past behaviour of an entity. A logical policy-centric framework for such behaviour-based decision-making is presented. In the framework, principals specify policies which state precise requirements on the past behaviour of other principals that must be fulfilled in order for interaction to take place. The framework consists of a formal model of behaviour, based on event structures; a declarative logical language for specifying properties of past behaviour; and efficient dynamic algorithms for checking whether a particular behaviour satisfies a property from the language. It is shown how the framework can be extended in several ways, most notably to encompass parameterized events and quantification over parameters. In an extended application, it is illustrated how the framework can be applied for dynamic history-based access control for safe execution of unknown and untrusted programs.