Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
A uniform framework for regulating service access and information release on the web
Journal of Computer Security
ACM Transactions on Information and System Security (TISSEC)
Distributed credential chain discovery in trust management
Journal of Computer Security
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Cassandra: Flexible Trust Management, Applied to Electronic Health Records
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Safety in automated trust negotiation
ACM Transactions on Information and System Security (TISSEC)
Trust management services in relational databases
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
MyABDAC: compiling XACML policies for attribute-based database access control
Proceedings of the first ACM conference on Data and application security and privacy
From MDM to DB2: a case study of security enforcement migration
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Hi-index | 0.00 |
Security policies of large organizations cannot be expressed in the access control policy language defined by the SQL standard and provided by widely used relational database systems, because that language does not support the decentralized policies that are common in large organizations. Trust management frameworks support decentralized policies but generally have not been designed to integrate conveniently with databases. This paper describes a trust management framework for relational databases. Specifically, this paper describes a SQL-based policy language with support for certificate discovery and trust negotiation, a portable system architecture, and a large case study based on an existing realistic policy for electronic health records.