Programming in Prolog
Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
Maintaining views incrementally
SIGMOD '93 Proceedings of the 1993 ACM SIGMOD international conference on Management of data
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
Binder, a Logic-Based Security Language
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Declarative routing: extensible routing with declarative queries
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Implementing declarative overlays
Proceedings of the twentieth ACM symposium on Operating systems principles
Declarative networking: language, execution and optimization
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Querying the internet with PIER
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Towards a declarative language and system for secure networking
NETB'07 Proceedings of the 3rd USENIX international workshop on Networking meets databases
Proceedings of the twenty-seventh ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Evita raced: metacompilation for declarative networks
Proceedings of the VLDB Endowment
Unified Declarative Platform for Secure Netwoked Information Systems
ICDE '09 Proceedings of the 2009 IEEE International Conference on Data Engineering
Exception analysis and points-to analysis: better together
Proceedings of the eighteenth international symposium on Software testing and analysis
Strictly declarative specification of sophisticated points-to analyses
Proceedings of the 24th ACM SIGPLAN conference on Object oriented programming systems languages and applications
On chase termination beyond stratification
Proceedings of the VLDB Endowment
Boom analytics: exploring data-centric, declarative programming for the cloud
Proceedings of the 5th European conference on Computer systems
CloudViews: communal data sharing in public clouds
HotCloud'09 Proceedings of the 2009 conference on Hot topics in cloud computing
Towards a data-centric view of cloud security
CloudDB '10 Proceedings of the second international workshop on Cloud data management
Datalog and emerging applications: an interactive tutorial
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Recent advances in declarative networking
PADL'12 Proceedings of the 14th international conference on Practical Aspects of Declarative Languages
LogicBlox, platform and language: a tutorial
Datalog 2.0'12 Proceedings of the Second international conference on Datalog in Academia and Industry
Declarative datalog debugging for mere mortals
Datalog 2.0'12 Proceedings of the Second international conference on Datalog in Academia and Industry
Hi-index | 0.00 |
We present SecureBlox, a declarative system that unifies a distributed query processor with a security policy framework. SecureBlox decouples security concerns from system specification, allowing easy reconfiguration of a system's security properties to suit a given execution environment. Our implementation of SecureBlox is a series of extensions to LogicBlox, an emerging commercial Datalog-based platform for enterprise software systems. SecureBlox enhances LogicBlox to enable distribution and static meta-programmability, and makes novel use of existing LogicBlox features such as integrity constraints. SecureBlox allows meta-programmability via BloxGenerics - a language extension for compile-time code generation based on the security requirements and trust policies of the deployed environment. We present and evaluate detailed use-cases in which SecureBlox enables diverse applications, including an authenticated declarative routing protocol with encrypted advertisements and an authenticated and encrypted parallel hash join operation. Our results demonstrate SecureBlox's abilities to specify and implement a wide range of different security constructs for distributed systems as well as to enable tradeoffs between performance and security.