Naive evaluation of recursively defined relations
On knowledge base management systems: integrating artificial intelligence and d atabase technologies
Magic sets and other strange ways to implement logic programs (extended abstract)
PODS '86 Proceedings of the fifth ACM SIGACT-SIGMOD symposium on Principles of database systems
A generalization of the differential approach to recursive query evaluation
Journal of Logic Programming
Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
Maintaining views incrementally
SIGMOD '93 Proceedings of the 1993 ACM SIGMOD international conference on Management of data
A framework for testing safety and effective computability
Journal of Computer and System Sciences
A model, analysis, and protocol framework for soft state-based communication
Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
Generalized certificate revocation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
ACM Transactions on Computer Systems (TOCS)
Chord: A scalable peer-to-peer lookup service for internet applications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
Looking up data in P2P systems
Communications of the ACM
Why and Where: A Characterization of Data Provenance
ICDT '01 Proceedings of the 8th International Conference on Database Theory
Distributed credential chain discovery in trust management
Journal of Computer Security
Binder, a Logic-Based Security Language
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
A logic-based framework for attribute based access control
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Secure routing for structured peer-to-peer overlay networks
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Declarative routing: extensible routing with declarative queries
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Implementing declarative overlays
Proceedings of the twentieth ACM symposium on Operating systems principles
Declarative networking: language, execution and optimization
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Network monitors and contracting systems: competition and innovation
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Using Attribute-Based Access Control to Enable Attribute-Based Messaging
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
MapReduce: simplified data processing on large clusters
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
The design and implementation of declarative networks
The design and implementation of declarative networks
Querying the internet with PIER
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Forensic Analysis for Epidemic Attacks in Federated Networks
ICNP '06 Proceedings of the Proceedings of the 2006 IEEE International Conference on Network Protocols
The design and implementation of a declarative sensor network system
Proceedings of the 5th international conference on Embedded networked sensor systems
DKAL: Distributed-Knowledge Authorization Language
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Declarative Network Verification
PADL '09 Proceedings of the 11th International Symposium on Practical Aspects of Declarative Languages
MOSAIC: unified declarative platform for dynamic overlay composition
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
A Security Punctuation Framework for Enforcing Access Control on Streaming Data
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Unified Declarative Platform for Secure Netwoked Information Systems
ICDE '09 Proceedings of the 2009 IEEE International Conference on Data Engineering
Recursive Computation of Regions and Connectivity in Networks
ICDE '09 Proceedings of the 2009 IEEE International Conference on Data Engineering
Communications of the ACM - Scratch Programming for All
Boom analytics: exploring data-centric, declarative programming for the cloud
Proceedings of the 5th European conference on Computer systems
Specifying access control policies on data streams
DASFAA'07 Proceedings of the 12th international conference on Database systems for advanced applications
Efficient querying and maintenance of network provenance at internet-scale
Proceedings of the 2010 ACM SIGMOD International Conference on Management of data
Declarative configuration management for complex and dynamic networks
Proceedings of the 6th International COnference
Maintaining distributed logic programs incrementally
Proceedings of the 13th international ACM SIGPLAN symposium on Principles and practices of declarative programming
FSR: formal analysis and implementation toolkit for safe inter-domain routing
Proceedings of the ACM SIGCOMM 2011 conference
Declarative policy-based adaptive mobile ad hoc networking
IEEE/ACM Transactions on Networking (TON)
FSR: formal analysis and implementation toolkit for safe interdomain routing
IEEE/ACM Transactions on Networking (TON)
| Hi-index | 0.00 |
We present a unified declarative platform for specifying, implementing, and analyzing secure networked information systems. Our work builds upon techniques from logic-based trust management systems and declarative networking. We make the following contributions. First, we propose the Secure Network Datalog (SeNDlog) language that unifies Binder, a logic-based language for access control in distributed systems, and Network Datalog, a distributed recursive query language for declarative networks. SeNDlogenables network routing, information systems, and their security policies to be specified and implemented within a common declarative framework. Second, we extend existing distributed recursive query processing techniques to execute SeNDlogprograms that incorporate secure communication via authentication and encryption among untrusted nodes. Third, we demonstrate the use of user-defined cryptographic functions for customizing the authentication and encryption mechanisms used for securing protocols. Finally, using a local cluster and the PlanetLab testbed, we perform a detailed performance study of a variety of secure networked systems implemented using our platform.