ACM Transactions on Computer Systems (TOCS)
Implementing a distributed firewall
Proceedings of the 7th ACM conference on Computer and communications security
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
A survey of trust in internet applications
IEEE Communications Surveys & Tutorials
Design, implementation, and deployment of the iKP secure electronic payment system
IEEE Journal on Selected Areas in Communications
Hi-index | 0.24 |
This paper considers the use of local policy enforcement in communication networks. Compliance with the security policy is important, especially if the system is based on the concept of Public Key Certificate. Our approach discusses the design of a trust management scheme that integrates a model for the specification of entities and actions, a mechanism for identifying users, authorizations, and delegations, and a compliance engine. The model is based on the use of an axiomatic representation of security requirements. The compliance engine integrates a relational calculus that allows proof and verification. Three cases are addressed to validate the model: the anonymous payment system, clinical information system, and distributed firewall systems.