Distributed credential chain discovery in trust management with parameterized roles and constraints (short paper)

Authors:
Ziqing Mao;Ninghui Li;William H. Winsborough
Affiliations:
CERIAS and Department of Computer Science, Purdue University;CERIAS and Department of Computer Science, Purdue University;Department of Computer Science, University of Texas at San Antonio
Venue:
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Year:
2006

Citing 15
Cited 3

Magic templates: a spellbinding approach to logic programs

Journal of Logic Programming
Constraint query languages

Selected papers of the 9th annual ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
Role-Based Access Control Models

Computer
Tabled evaluation with delaying for general logic programs

Journal of the ACM (JACM)
Policy-directed certificate retrieval

Software—Practice & Experience
Certificate chain discovery in SPKI?SDSI

Journal of Computer Security
Memoing Evaluation for Constraint Extensions of Datalog

Constraints
DATALOG with Constraints: A Foundation for Trust Management Languages

PADL '03 Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages
Reachability Analysis of Pushdown Automata: Application to Model-Checking

CONCUR '97 Proceedings of the 8th International Conference on Concurrency Theory
Constraint Databases: A Survey

Selected Papers from a Workshop on Semantics in Databases
Distributed credential chain discovery in trust management

Journal of Computer Security
Analysis of SPKI/SDSI Certificates Using Model Checking

CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Decentralized trust management

SP'96 Proceedings of the 1996 IEEE conference on Security and privacy

Distributed Authorization by Multiparty Trust Negotiation

ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Towards Role Based Trust Management without Distributed Searching of Credentials

ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Formal verification of security properties in trust management policy

Journal of Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Trust management (TM) is an approach to access control in decentralized distributed systems with access control decisions based on statements made by multiple principals. Li et al. developed the RT family of Role-Based Trust-management languages, which combine the strengths of Role-Based Access Control and TM systems. We present a distributed credential chain discovery algorithm for RT1C, a language in the RT family that has parameterized roles and constraints. Our algorithm is a combination of the logic-programming style top-down query evaluation with tabling and a goal-directed version of the deductive database style bottom-up evaluation. Our algorithm uses hints provided through the storage types to determine whether to use a top-down or bottom-up strategy for a particular part of the proof; this enables the algorithm to touch only those credentials that are related to the query, which are likely to be a small fraction of all the credentials in the system.