Towards Role Based Trust Management without Distributed Searching of Credentials

Authors:
Gang Yin;Huaimin Wang;Jianquan Ouyang;Ning Zhou;Dianxi Shi
Affiliations:
School of Computer, National University of Defense Technology, Changsha, China;School of Computer, National University of Defense Technology, Changsha, China;College of Information Engineering, Xiangtan University, Xiangtan, China;Institute of Electronic System Engineering of China, Beijing, China;School of Computer, National University of Defense Technology, Changsha, China
Venue:
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Year:
2008

Citing 13
Cited 0

Policy-directed certificate retrieval

Software—Practice & Experience
Distributed credential chain discovery in trust management: extended abstract

CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Certificate chain discovery in SPKI?SDSI

Journal of Computer Security
Logic, Programming, and PROLOG

Logic, Programming, and PROLOG
Compliance Checking in the PolicyMaker Trust Management System

FC '98 Proceedings of the Second International Conference on Financial Cryptography
Fast Access Control Decisions from Delegation Certificate Databases

ACISP '98 Proceedings of the Third Australasian Conference on Information Security and Privacy
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Decentralized Trust Management

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Delegation logic: a logic-based approach to distributed authorization

Delegation logic: a logic-based approach to distributed authorization
Cassandra: Flexible Trust Management, Applied to Electronic Health Records

CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Design and Semantics of a Decentralized Authorization Language

CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Distributed credential chain discovery in trust management with parameterized roles and constraints (short paper)

ICICS'06 Proceedings of the 8th international conference on Information and Communications Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Trust management systems enable decentralized authorization by searching distributed credentials from network. We argue that such distributed searching processes may encounter many technical or non-technical problems, and can be avoided by storing delegation credentials redundantly with acceptable costs. We propose a scoped-role based trust management system ScoRT, using a novel credential affiliation model to compute the credentials necessary for role membership decisions, which can be used to guide the storage, retrieval and revocation of credentials. The algorithm for distributed credential storage and retrieval is designed based on the model and its sound and complete properties are formally analyzed with respect to ScoRT semantics. Complexity analysis and estimation show that, by redundantly storing acceptable amount of delegation credentials, ScoRT enables more practical and automatic authorization without searching credentials from remote entities, and thus helps to overcome the deficiencies of existing approaches.