Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
ConChord: Cooperative SDSI Certificate Storage and Name Resolution
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
A Logic for Reasoning about Digital Rights
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A logical reconstruction of SPKI
Journal of Computer Security - Special issue on CSFW14
Towards a credential-based implementation of compound access control policies
Proceedings of the ninth ACM symposium on Access control models and technologies
Reasoning about common knowledge with infinitely many agents
Information and Computation
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Language based policy analysis in a SPKI Trust Management System
Journal of Computer Security
Efficient trust management policy analysis from rules
Proceedings of the 9th ACM SIGPLAN international conference on Principles and practice of declarative programming
Information and Computation
xDomain: cross-border proofs of access
Proceedings of the 14th ACM symposium on Access control models and technologies
Completeness of discovery protocols
Proceedings of the 2nd ACM workshop on Assurable and usable security configuration
Efficient proving for practical distributed access-control systems
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Hi-index | 0.00 |
Abadi has introduced a logic to explicate the meaning of localnames in SDSI, the Simple Distributed Security Infrastructureproposed by Rivest and Lampson. Abadi's logic does not correspondprecisely to SDSI, however; it draws conclusions about local namesthat do not follow from SDSI's name resolution algorithm. Moreover,its semantics is somewhat unintuitive. This paper presents theLogic of Local Name Containment, which does not suffer from thesedeficiencies. It has a clear semantics and provides a tightcharacterization of SDSI name resolution. The semantics is shown tobe closely related to that of logic programs, leading to anapproach to the efficient implementation of queries concerninglocal names. A complete axiomatization of the logic is alsoprovided.