ACM Transactions on Information and System Security (TISSEC)
Authorization Based on Evidence and Trust
DaWaK 2000 Proceedings of the 4th International Conference on Data Warehousing and Knowledge Discovery
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Distributed credential chain discovery in trust management
Journal of Computer Security
The Eigentrust algorithm for reputation management in P2P networks
WWW '03 Proceedings of the 12th international conference on World Wide Web
A reputation-based trust model for peer-to-peer ecommerce communities [Extended Abstract]
Proceedings of the 4th ACM conference on Electronic commerce
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Distributed Proving in Access-Control Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Automated trust negotiation using cryptographic credentials
Proceedings of the 12th ACM conference on Computer and communications security
CPOL: high-performance policy evaluation
Proceedings of the 12th ACM conference on Computer and communications security
Secure context-sensitive authorization
Pervasive and Mobile Computing
RoleMiner: mining roles using subset enumeration
Proceedings of the 13th ACM conference on Computer and communications security
A survey of trust and reputation systems for online service provision
Decision Support Systems
Trust management services in relational databases
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Towards an efficient and language-agnostic compliance checker for trust negotiation systems
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Enforcing Safety and Consistency Constraints in Policy-Based Authorization Systems
ACM Transactions on Information and System Security (TISSEC)
Confidentiality-preserving distributed proofs of conjunctive queries
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Evaluating role mining algorithms
Proceedings of the 14th ACM symposium on Access control models and technologies
Towards a dynamic and composable model of trust
Proceedings of the 14th ACM symposium on Access control models and technologies
Enforcing access control in Web-based social networks
ACM Transactions on Information and System Security (TISSEC)
SecPAL: Design and semantics of a decentralized authorization language
Journal of Computer Security - Digital Identity Management (DIM 2007)
Social-Compliance in Trust Management within Virtual Communities
WI-IAT '11 Proceedings of the 2011 IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology - Volume 03
PlexC: a policy language for exposure control
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Hi-index | 0.00 |
Despite a plethora of recent research regarding trust management approaches to authorization, relatively little attention has been given to exactly how these technologies can be effectively deployed. In this paper, we investigate one way in which well-established logical trust management systems described in the literature can be deployed within enterprise environments. Specifically, we develop a framework within which logical trust management policies can be managed using a relational DBMS. We describe a correct and complete procedure for compiling CTM credentials into dynamic views within a database, and show how the resulting system can be used to perform role membership checks or to enumerate the members of a given role. We then propose a hybrid algorithm that leverages the logical ruleset and the underlying DBMS to efficiently enumerate the capabilities ascribed to a given user. We also present an evaluation of a prototype implementation of our framework that demonstrates the practicality of our approach. As CTM extends the RT family of trust management languages---which are representative of a large class of Datalog-based trust management systems---our work is likely generalizable to other trust management approaches.