ACM Transactions on Computer Systems (TOCS)
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Authentication in the Taos operating system
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Role-Based Access Control Models
Computer
PICS: Internet access controls without censorship
Communications of the ACM
An authentication logic supporting synchronization, revocation, and recency
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
IEEE ADL '97 Proceedings of the IEEE international forum on Research and technology advances in digital libraries
ACM Transactions on Database Systems (TODS)
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Referee: trust management for Web applications
World Wide Web Journal - Special issue: Web security: a matter of trust
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Generalized certificate revocation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
An architecture for distributed OASIS services
IFIP/ACM International Conference on Distributed systems platforms
Regulating service access and information release on the Web
Proceedings of the 7th ACM conference on Computer and communications security
PRUNES: an efficient and complete strategy for automated trust negotiation over the Internet
Proceedings of the 7th ACM conference on Computer and communications security
On SDSI's linked local name spaces
Journal of Computer Security
Policy-directed certificate retrieval
Software—Practice & Experience
Dynamically distributed query evaluation
PODS '01 Proceedings of the twentieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Interoperable strategies in automated trust negotiation
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
ACM Transactions on Information and System Security (TISSEC)
Certificate chain discovery in SPKI?SDSI
Journal of Computer Security
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
A uniform framework for regulating service access and information release on the web
Journal of Computer Security
A logical framework for reasoning about access control models
ACM Transactions on Information and System Security (TISSEC)
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
IEEE Internet Computing
DATALOG with Constraints: A Foundation for Trust Management Languages
PADL '03 Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages
ConChord: Cooperative SDSI Certificate Storage and Name Resolution
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
Can We Eliminate Certificate Revocations Lists?
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
A Response to ''Can We Eliminate Certificate Revocation Lists?''
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
A General and Flexible Access-Control System for the Web
Proceedings of the 11th USENIX Security Symposium
Distributed credential chain discovery in trust management
Journal of Computer Security
LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
A Logic for SDSI's Linked Local Name Spaces: Preliminary Version
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Analysis of SPKI/SDSI Certificates Using Model Checking
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Binder, a Logic-Based Security Language
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A Formal Semantics for SPKI
A Logical Reconstruction of SPKI
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Requirements for Policy Languages for Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Towards Practical Automated Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Recent-secure authentication: enforcing revocation in distributed systems
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Understanding Trust Management Systems
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Naming and sharing resources across administrative boundaries
Naming and sharing resources across administrative boundaries
Using trust and risk in role-based access control policies
Proceedings of the ninth ACM symposium on Access control models and technologies
Access control for the web via proof-carrying authorization
Access control for the web via proof-carrying authorization
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Cassandra: Flexible Trust Management, Applied to Electronic Health Records
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Driving and Monitoring Provisional Trust Negotiation with Metapolicies
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Understanding SPKI/SDSI using first-order logic
International Journal of Information Security
Specifying distributed trust management in LolliMon
Proceedings of the 2006 workshop on Programming languages and analysis for security
Risk management for distributed authorization
Journal of Computer Security
Experience with the keynote trust management system: applications and future directions
iTrust'03 Proceedings of the 1st international conference on Trust management
Authorization control in collaborative healthcare systems
Journal of Theoretical and Applied Electronic Commerce Research
Credential chain discovery in RTTtrust management language
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Secure distributed programming with value-dependent types
Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
Trust management languages and complexity
OTM'11 Proceedings of the 2011th Confederated international conference on On the move to meaningful internet systems - Volume Part II
Trust mechanisms in wireless sensor networks: Attack analysis and countermeasures
Journal of Network and Computer Applications
The semantics of role-based trust management languages
CEE-SET'09 Proceedings of the 4th IFIP TC 2 Central and East European conference on Advances in Software Engineering Techniques
DKAL*: constructing executable specifications of authorization protocols
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Logical foundations of secure resource management in protocol implementations
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Belief semantics of authorization logic
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
Trust management systems are frameworks for authorization in modern distributed systems, allowing remotely accessible resources to be protected by providers. By allowing providers to specify policy, and access requesters to possess certain access rights, trust management automates the process of determining whether access should be allowed on the basis of policy, rights, and an authorization semantics. In this paper we survey modern state-of-the-art in trust management authorization, focusing on features of policy and rights languages that provide the necessary expressiveness for modern practice. We characterize systems in light of a generic structure that takes into account components of practical implementations. We emphasize systems that have a formal foundation, since security properties of them can be rigorously guaranteed. Underlying formalisms are reviewed to provide necessary background.