Distributed credential chain discovery in trust management: extended abstract
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Proxy-based security protocols in networked mobile devices
Proceedings of the 2002 ACM symposium on Applied computing
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
Protecting sensitive attributes in automated trust negotiation
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
ConChord: Cooperative SDSI Certificate Storage and Name Resolution
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Role-Based Access Control for E-commerce Sea-of-Data Applications
ISC '02 Proceedings of the 5th International Conference on Information Security
Distributed credential chain discovery in trust management
Journal of Computer Security
Analysis of SPKI/SDSI Certificates Using Model Checking
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Towards Practical Automated Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Access-controlled resource discovery for pervasive networks
Proceedings of the 2003 ACM symposium on Applied computing
A logical reconstruction of SPKI
Journal of Computer Security - Special issue on CSFW14
Towards a credential-based implementation of compound access control policies
Proceedings of the ninth ACM symposium on Access control models and technologies
Role-based cascaded delegation
Proceedings of the ninth ACM symposium on Access control models and technologies
Trust evaluation in ad-hoc networks
Proceedings of the 3rd ACM workshop on Wireless security
Integrity constraints in trust management
Proceedings of the tenth ACM symposium on Access control models and technologies
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Efficient support for enterprise delegation policies
Proceedings of the 2005 ACM symposium on Applied computing
Policy-hiding access control in open environment
Proceedings of the twenty-fourth annual ACM symposium on Principles of distributed computing
e-coupons: An Efficient, Secure and Delegable Micro-Payment System
Information Systems Frontiers
Access control to people location information
ACM Transactions on Information and System Security (TISSEC)
Specifying distributed trust management in LolliMon
Proceedings of the 2006 workshop on Programming languages and analysis for security
Automatic matchmaking of web services
Proceedings of the 15th international conference on World Wide Web
Inferring dynamic credentials for rôle-based trust management
Proceedings of the 8th ACM SIGPLAN international conference on Principles and practice of declarative programming
Trust in large-scale computational grids: an SPKI/SDSI extension for representing opinion
Proceedings of the 4th international workshop on Middleware for grid computing
OACerts: Oblivious Attribute Certificates
IEEE Transactions on Dependable and Secure Computing
Addressing interoperability issues in access control models
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
NetPay: An off-line, decentralized micro-payment system for thin-client applications
Electronic Commerce Research and Applications
Language based policy analysis in a SPKI Trust Management System
Journal of Computer Security
Kerberized credential translation: a solution to web access control
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Optimal Dispersal of Certificate Chains
IEEE Transactions on Parallel and Distributed Systems
A posteriori compliance control
Proceedings of the 12th ACM symposium on Access control models and technologies
Efficient trust management policy analysis from rules
Proceedings of the 9th ACM SIGPLAN international conference on Principles and practice of declarative programming
Journal of Computer Security - Special issue on CSFW15
A scalable and flexible web services authentication model
Proceedings of the 2007 ACM workshop on Secure web services
Information and Computation
Offline count-limited certificates
Proceedings of the 2008 ACM symposium on Applied computing
Authorization in trust management: Features and foundations
ACM Computing Surveys (CSUR)
ACM Transactions on Information and System Security (TISSEC)
Compact and Anonymous Role-Based Authorization Chain
ACM Transactions on Information and System Security (TISSEC)
Towards Role Based Trust Management without Distributed Searching of Credentials
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
The next 700 access control models or a unifying meta-model?
Proceedings of the 14th ACM symposium on Access control models and technologies
From datalog rules to efficient programs with time and space guarantees
ACM Transactions on Programming Languages and Systems (TOPLAS)
A Secure Delegation Model Based on Multi-agent in Pervasive Environments
KES-AMSTA '09 Proceedings of the Third KES International Symposium on Agent and Multi-Agent Systems: Technologies and Applications
PAES: Policy-Based Authority Evaluation Scheme
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Automated trust negotiation using cryptographic credentials
ACM Transactions on Information and System Security (TISSEC)
Maintaining control while delegating trust: Integrity constraints in trust management
ACM Transactions on Information and System Security (TISSEC)
A semantic-based access control mechanism using semantic technologies
Proceedings of the 2nd international conference on Security of information and networks
Case study: trust establishment in personal area networks
ISWPC'09 Proceedings of the 4th international conference on Wireless pervasive computing
Nonmonotonic Trust Management for P2P Applications
Electronic Notes in Theoretical Computer Science (ENTCS)
Distributed programming with distributed authorization
Proceedings of the 5th ACM SIGPLAN workshop on Types in language design and implementation
A graph theoretic approach for optimizing key pre-distribution in wireless sensor networks
WiOPT'09 Proceedings of the 7th international conference on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks
Proceedings of the 9th Symposium on Identity and Trust on the Internet
An opportunistic authority evaluation scheme for data security in crisis management scenarios
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Implementation of an agent-oriented trust management infrastructure based on a hybrid PKI model
iTrust'03 Proceedings of the 1st international conference on Trust management
A practical study on security of agent-based ubiquitous computing
AAMAS'02 Proceedings of the 2002 international conference on Trust, reputation, and security: theories and practice
A RT0-based compliance checker model for automated trust negotiation
PAISI'07 Proceedings of the 2007 Pacific Asia conference on Intelligence and security informatics
Core TuLiP logic programming for trust management
ICLP'07 Proceedings of the 23rd international conference on Logic programming
An introduction to the role based trust management framework RT
Foundations of security analysis and design IV
A secure collaboration service for dynamic virtual organizations
Information Sciences: an International Journal
Multi-domain trust management in variable-threat environments: a user-centric model
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Credential chain discovery in RTTtrust management language
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Independently verifiable decentralized role-based delegation
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Resource management with X.509 inter-domain authorization certificates (InterAC)
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Design and implementation of a public key-based group collaboration system
Computer Communications
Relationship-based access control: protection model and policy language
Proceedings of the first ACM conference on Data and application security and privacy
ACConv -- An Access Control Model for Conversational Web Services
ACM Transactions on the Web (TWEB)
xDAuth: a scalable and lightweight framework for cross domain access control and delegation
Proceedings of the 16th ACM symposium on Access control models and technologies
Dynamics in delegation and revocation schemes: a logical approach
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Socially constructed trust for distributed authorization
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Trust metrics for the SPKI/SDSI authorisation framework
ATVA'11 Proceedings of the 9th international conference on Automated technology for verification and analysis
Trust management languages and complexity
OTM'11 Proceedings of the 2011th Confederated international conference on On the move to meaningful internet systems - Volume Part II
Proceedings of the 11th international conference on Security Protocols
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Distributed credential chain discovery in trust-management with parameterized roles
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
The design and implementation of secure event manager using SPKI/SDSI certificate
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
LP with flexible grouping and aggregates using modes
LOPSTR'09 Proceedings of the 19th international conference on Logic-Based Program Synthesis and Transformation
OACerts: oblivious attribute certificates
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Reducing the dependence of SPKI/SDSI on PKI
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Privacy preserving of trust management credentials based on trusted computing
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
An XML standards based authorization framework for mobile agents
MADNES'05 Proceedings of the First international conference on Secure Mobile Ad-hoc Networks and Sensors
ATVA'06 Proceedings of the 4th international conference on Automated Technology for Verification and Analysis
Adding support to XACML for dynamic delegation of authority in multiple domains
CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
Specification and realization of access control in SPKI/SDSI
ICISS'06 Proceedings of the Second international conference on Information Systems Security
A logic for analysing subterfuge in delegation chains
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Integrating trust management and access control in data-intensive Web applications
ACM Transactions on the Web (TWEB)
Weighted pushdown systems and trust-management systems
TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Distributed policy specification and interpretation with classified advertisements
PADL'12 Proceedings of the 14th international conference on Practical Aspects of Declarative Languages
Computers & Mathematics with Applications
Avoiding delegation subterfuge using linked local permission names
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
DEAL: A Distributed Authorization Language for Ambient Intelligence
International Journal of Ambient Computing and Intelligence
Nephele: Scalable Access Control for Federated File Services
Journal of Grid Computing
Policy-driven role-based access management for ad-hoc collaboration
Journal of Computer Security
Information flow in trust management systems
Journal of Computer Security - CSF 2010
| Hi-index | 0.00 |
SPKI/SDSI is a novel public-key infrastructure emphasizing naming,groups, ease-of-use, and flexible authorization. To access aprotected resource, a client must present to the server a proofthat the client is authorized; this proof takes the form of acertificate chain proving that the client's public key is in one ofthe groups on the resource's ACL, or that the client's public keyhas been delegated authority (in one or more stages) from a key inone of the groups on the resource's ACL.While finding such a chain can be nontrivial, due to theflexible naming and delegation capabilities of SPKI/SDSIcertificates, we present a practical and efficient algorithm forthis problem of certificate chain discovery. We also present atight worst-case bound on its running time, which is polynomial inthe length of its input. We also present an extension of our algorithm that is capableof handling threshold subjects, where several principals arerequired to co-sign a request to access a protected resource.