The role of trust management in distributed systems security
Secure Internet programming
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Knowledge Representation, Reasoning, and Declarative Problem Solving
Knowledge Representation, Reasoning, and Declarative Problem Solving
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Distributed credential chain discovery in trust management
Journal of Computer Security
A Logic-based Knowledge Representation for Authorization with Delegation
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
A Logical Framework for Reasoning on Data Access Control Policies
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Decentralized trust management
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Answer set programming for distributed authorization: the language, computations, and application
AI'05 Proceedings of the 18th Australian Joint conference on Advances in Artificial Intelligence
DEAL: A Distributed Authorization Language for Ambient Intelligence
International Journal of Ambient Computing and Intelligence
| Hi-index | 0.00 |
Trust management is a promising approach for the authorization in distributed environment. There are two key issues for a trust management system: how to design high-level policy language and how to solve the compliance-checking problem [3,4]. We adopt this approach to deal with distributed authorization with delegation. In this paper, we propose an authorization language${\cal AL}$, a human-understandable high level language to specify various authorization policies. We define the semantics of ${\cal AL}$ through Answer Set Programming. Language ${\cal AL}$ has rich expressive power which can not only specify delegation, threshold structures addressed in previous approaches, but also represent structured resources and privileges, positive and negative authorizations, separation of duty, incomplete information reasoning and partial authorization and delegation. We also demonstrate the application of language ${\cal AL}$ through an authorization scenario.