The widespread diffusion of Web-based services provided by public and private organizations emphasizes the need for a flexible solution for protecting the information accessible through Web applications. A promising approach is represented by credential-based access control and trust management. However, although much research has been done and several proposals exist, a clear obstacle to the realization of their benefits in data-intensive Web applications is the lack of adequate support in DBMSs. As a matter of fact, DBMSs are often responsible for the management of most of the information that is accessed using a Web browser or a Web service invocation. In this article, we aim at eliminating this gap, and present an approach integrating trust management with the access control of the DBMS. We propose a trust model with a SQL syntax and illustrate an algorithm for the efficient verification of a delegation path for certificates. Our solution nicely complements current trust management proposals, allowing the efficient realization of the services of an advanced trust management model within current relational DBMSs. An important benefit of our approach lies in its potential for a robust end-to-end design of security for personal data in Web scenarios, where vulnerabilities of Web applications cannot be used to violate the protection of the data residing on the database server. We also illustrate the implementation of our approach within an open-source DBMS, discussing design choices and performance impact.