Leases: an efficient fault-tolerant mechanism for distributed file cache consistency
SOSP '89 Proceedings of the twelfth ACM symposium on Operating systems principles
Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Efficient software-based fault isolation
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Authentication in the Taos operating system
ACM Transactions on Computer Systems (TOCS) - Special issue on operating systems principles
Extensibility safety and performance in the SPIN operating system
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Referee: trust management for Web applications
World Wide Web Journal - Special issue: Web security: a matter of trust
Design and implementation of a distributed virtual machine for networked computers
Proceedings of the seventeenth ACM symposium on Operating systems principles
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
A lattice model of secure information flow
Communications of the ACM
The role of trust management in distributed systems security
Secure Internet programming
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
Lattice-Based Access Control Models
Computer
KeyNote: Trust Management for Public-Key Infrastructures (Position Paper)
Proceedings of the 6th International Workshop on Security Protocols
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Group Principals and the Formalization of Anonymity
FM '99 Proceedings of the Wold Congress on Formal Methods in the Development of Computing Systems-Volume I - Volume I
System Description: Twelf - A Meta-Logical Framework for Deductive Systems
CADE-16 Proceedings of the 16th International Conference on Automated Deduction: Automated Deduction
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Binder, a Logic-Based Security Language
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Naming and sharing resources across administrative boundaries
Naming and sharing resources across administrative boundaries
Access control for the web via proof-carrying authorization
Access control for the web via proof-carrying authorization
Cassandra: Flexible Trust Management, Applied to Electronic Health Records
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Distributed Proving in Access-Control Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Nexus: a new operating system for trustworthy computing
Proceedings of the twentieth ACM symposium on Operating systems principles
Certified In-lined Reference Monitoring on .NET
Proceedings of the 2006 workshop on Programming languages and analysis for security
Non-Interference in Constructive Authorization Logic
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Access Control in a Core Calculus of Dependency
Electronic Notes in Theoretical Computer Science (ENTCS)
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Design and Semantics of a Decentralized Authorization Language
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Alpaca: extensible authorization for distributed services
Proceedings of the 14th ACM conference on Computer and communications security
A user study of policy creation in a flexible access-control system
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
DKAL: Distributed-Knowledge Authorization Language
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Variations in Access Control Logic
DEON '08 Proceedings of the 9th international conference on Deontic Logic in Computer Science
Security controls in the ADEPT-50 time-sharing system
AFIPS '69 (Fall) Proceedings of the November 18-20, 1969, fall joint computer conference
Decentralized trust management
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Soutei, a logic-based trust-management system
FLOPS'06 Proceedings of the 8th international conference on Functional and Logic Programming
Device-enabled authorization in the grey system
ISC'05 Proceedings of the 8th international conference on Information Security
A linear logic of authorization and knowledge
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
A logic for state-modifying authorization policies
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
NetQuery: a knowledge plane for reasoning about network properties
Proceedings of the ACM SIGCOMM 2011 conference
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Trusted platform-as-a-service: a foundation for trustworthy cloud-hosted applications
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
YouProve: authenticity and fidelity in mobile sensing
Proceedings of the 9th ACM Conference on Embedded Networked Sensor Systems
Software abstractions for trusted sensors
Proceedings of the 10th international conference on Mobile systems, applications, and services
Relating declarative semantics and usability in access control
Proceedings of the Eighth Symposium on Usable Privacy and Security
New modalities for access control logics: permission, control and ratification
STM'11 Proceedings of the 7th international conference on Security and Trust Management
Pasture: secure offline data access using commodity trusted hardware
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Belief semantics of authorization logic
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
cTPM: a cloud TPM for cross-device trusted applications
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
| Hi-index | 0.00 |
Nexus Authorization Logic (NAL) provides a principled basis for specifying and reasoning about credentials and authorization policies. It extends prior access control logics that are based on “says” and “speaks for” operators. NAL enables authorization of access requests to depend on (i) the source or pedigree of the requester, (ii) the outcome of any mechanized analysis of the requester, or (iii) the use of trusted software to encapsulate or modify the requester. To illustrate the convenience and expressive power of this approach to authorization, a suite of document-viewer applications was implemented to run on the Nexus operating system. One of the viewers enforces policies that concern the integrity of excerpts that a document contains; another viewer enforces confidentiality policies specified by labels tagging blocks of text.