Foundations of logic programming; (2nd extended ed.)
Foundations of logic programming; (2nd extended ed.)
Computing in Horn clause theories
Computing in Horn clause theories
Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
Types in logic programming
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Internet Privacy Enhanced Mail
Communications of the ACM - Special issue on internetworking
Tabled evaluation with delaying for general logic programs
Journal of the ACM (JACM)
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
Referee: trust management for Web applications
World Wide Web Journal - Special issue: Web security: a matter of trust
On SDSI's linked local name spaces
Journal of Computer Security
A logic for SDSI's linked local name spaces
Journal of Computer Security
Distributed credential chain discovery in trust management: extended abstract
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Certificate chain discovery in SPKI?SDSI
Journal of Computer Security
Modelling a Public-Key Infrastructure
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
On the Structure of Delegation Networks
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
A Logic-based Knowledge Representation for Authorization with Delegation
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
A Logical Framework for Reasoning on Data Access Control Policies
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Binder, a Logic-Based Security Language
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
A Practically Implementable and Tractable Delegation Logic
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Understanding Trust Management Systems
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Delegation logic: a logic-based approach to distributed authorization
Delegation logic: a logic-based approach to distributed authorization
Naming and sharing resources across administrative boundaries
Naming and sharing resources across administrative boundaries
DATALOG with Constraints: A Foundation for Trust Management Languages
PADL '03 Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages
Policy management using access control spaces
ACM Transactions on Information and System Security (TISSEC)
An access control framework for business processes for web services
Proceedings of the 2003 ACM workshop on XML security
KAoS Policy Management for Semantic Web Services
IEEE Intelligent Systems
A rule-based framework for role-based constrained delegation
InfoSecu '04 Proceedings of the 3rd international conference on Information security
Integrity constraints in trust management
Proceedings of the tenth ACM symposium on Access control models and technologies
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Efficient support for enterprise delegation policies
Proceedings of the 2005 ACM symposium on Applied computing
Timed constraint programming: a declarative approach to usage control
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
On the dynamics of delegation, cooperation, and control: a logical account
Proceedings of the fourth international joint conference on Autonomous agents and multiagent systems
Trust but verify: authorization for web services
SWS '04 Proceedings of the 2004 workshop on Secure web service
On classifying access control implementations for distributed systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Specifying distributed trust management in LolliMon
Proceedings of the 2006 workshop on Programming languages and analysis for security
Access control in a core calculus of dependency
Proceedings of the eleventh ACM SIGPLAN international conference on Functional programming
Safety in automated trust negotiation
ACM Transactions on Information and System Security (TISSEC)
DR-Prolog: A System for Defeasible Reasoning with Rules and Ontologies on the Semantic Web
IEEE Transactions on Knowledge and Data Engineering
Access Control in a Core Calculus of Dependency
Electronic Notes in Theoretical Computer Science (ENTCS)
MulVAL: a logic-based network security analyzer
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
A posteriori compliance control
Proceedings of the 12th ACM symposium on Access control models and technologies
Proceedings of the 12th ACM symposium on Access control models and technologies
On the deployment of a real scalable delegation service
Information Security Tech. Report
Information carrying identity proof trees
Proceedings of the 2007 ACM workshop on Privacy in electronic society
Journal of the ACM (JACM)
Security in grid computing: A review and synthesis
Decision Support Systems
Access control policies and languages
International Journal of Computational Science and Engineering
Towards a declarative language and system for secure networking
NETB'07 Proceedings of the 3rd USENIX international workshop on Networking meets databases
Interactive access control for autonomic systems: From theory to implementation
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Using First-Order Logic to Reason about Policies
ACM Transactions on Information and System Security (TISSEC)
Authorization in trust management: Features and foundations
ACM Computing Surveys (CSUR)
ACM Transactions on Information and System Security (TISSEC)
Access Control for XML Document
IEA/AIE '08 Proceedings of the 21st international conference on Industrial, Engineering and Other Applications of Applied Intelligent Systems: New Frontiers in Applied Artificial Intelligence
A Semantic Foundation for Trust Management Languages with Weights: An Application to the RT Family
ATC '08 Proceedings of the 5th international conference on Autonomic and Trusted Computing
Variations in Access Control Logic
DEON '08 Proceedings of the 9th international conference on Deontic Logic in Computer Science
Compact and Anonymous Role-Based Authorization Chain
ACM Transactions on Information and System Security (TISSEC)
Distributed Authorization by Multiparty Trust Negotiation
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Requirements of federated trust management for service-oriented architectures
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
QuanTM: a quantitative trust management system
Proceedings of the Second European Workshop on System Security
xDomain: cross-border proofs of access
Proceedings of the 14th ACM symposium on Access control models and technologies
A Delegation Logic Based Authorization Mechanism for Virtual Organizations
Proceedings of the 2005 conference on Applied Public Key Infrastructure: 4th International Workshop: IWAP 2005
Automated trust negotiation using cryptographic credentials
ACM Transactions on Information and System Security (TISSEC)
Maintaining control while delegating trust: Integrity constraints in trust management
ACM Transactions on Information and System Security (TISSEC)
Operational Semantics for DKAL: Application and Analysis
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
Distributed and Parallel Databases
Distributed event-based access control
International Journal of Information and Computer Security
A logic for authorization provenance
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Core TuLiP logic programming for trust management
ICLP'07 Proceedings of the 23rd international conference on Logic programming
A certified distributed security logic for authorizing code
TYPES'06 Proceedings of the 2006 international conference on Types for proofs and programs
A modal deconstruction of access control logics
FOSSACS'08/ETAPS'08 Proceedings of the Theory and practice of software, 11th international conference on Foundations of software science and computational structures
SecureBlox: customizable secure distributed data processing
Proceedings of the 2010 ACM SIGMOD International Conference on Management of data
A card requirements language enabling privacy-preserving access control
Proceedings of the 15th ACM symposium on Access control models and technologies
A framework towards enhancing trust and authorisation for e-commerce service
International Journal of Internet Technology and Secured Transactions
Apply measurable risk to strengthen security of a role-based delegation supporting workflow system
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Using ASP for knowledge management with user authorization
Data & Knowledge Engineering
A constructive conditional logic for access control: a preliminary report
Proceedings of the 2010 conference on ECAI 2010: 19th European Conference on Artificial Intelligence
Reasoning about the transfer of control
Journal of Artificial Intelligence Research
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
ABUSE: PKI for real-world email trust
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
A contract agreement policy-based workflow methodology for agents interacting in the semantic web
RuleML'10 Proceedings of the 2010 international conference on Semantic web rules
Modal Access Control LogicAxiomatization, Semantics and FOL Theorem Proving
Proceedings of the 2010 conference on STAIRS 2010: Proceedings of the Fifth Starting AI Researchers' Symposium
Relationship-based access control: protection model and policy language
Proceedings of the first ACM conference on Data and application security and privacy
Nexus authorization logic (NAL): Design rationale and applications
ACM Transactions on Information and System Security (TISSEC)
Access control via belnap logic: Intuitive, expressive, and analyzable policy composition
ACM Transactions on Information and System Security (TISSEC)
Confidentiality-preserving proof theories for distributed proof systems
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
A logic program solution for conflict authorizations
ACOS'06 Proceedings of the 5th WSEAS international conference on Applied computer science
xDAuth: a scalable and lightweight framework for cross domain access control and delegation
Proceedings of the 16th ACM symposium on Access control models and technologies
Program synthesis in administration of higher-order permissions
Proceedings of the 16th ACM symposium on Access control models and technologies
Relationship-based access control policies and their policy languages
Proceedings of the 16th ACM symposium on Access control models and technologies
An access control language based on term rewriting and description logic
WFLP'10 Proceedings of the 19th international conference on Functional and constraint logic programming
A conditional constructive logic for access control and its sequent calculus
TABLEAUX'11 Proceedings of the 20th international conference on Automated reasoning with analytic tableaux and related methods
Rule-based trust assessment on the semantic web
RuleML'2011 Proceedings of the 5th international conference on Rule-based reasoning, programming, and applications
Socially constructed trust for distributed authorization
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
STM'10 Proceedings of the 6th international conference on Security and trust management
Logic based authorization program and its implementation
Proceedings of the 4th international conference on Security of information and networks
A graphical rule authoring tool for defeasible reasoning in the semantic web
PCI'05 Proceedings of the 10th Panhellenic conference on Advances in Informatics
Trust management with safe privilege propagation
APPT'05 Proceedings of the 6th international conference on Advanced Parallel Processing Technologies
Answer set programming for distributed authorization: the language, computations, and application
AI'05 Proceedings of the 18th Australian Joint conference on Advances in Artificial Intelligence
A formalization of distributed authorization with delegation
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Insurable storage services: creating a marketplace for long-term document archival
ICCS'06 Proceedings of the 6th international conference on Computational Science - Volume Part III
Managing trust in distributed agent systems
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Privacy is linking permission to purpose
SP'04 Proceedings of the 12th international conference on Security Protocols
A relational database integrity framework for access control policies
Journal of Intelligent Information Systems
An authorization framework based on constrained delegation
ISPA'04 Proceedings of the Second international conference on Parallel and Distributed Processing and Applications
Specifying and reasoning about dynamic access-control policies
IJCAR'06 Proceedings of the Third international joint conference on Automated Reasoning
Policies, models, and languages for access control
DNIS'05 Proceedings of the 4th international conference on Databases in Networked Information Systems
Security and trust requirements engineering
Foundations of Security Analysis and Design III
Specifying distributed authorization with delegation using logic programming
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part II
Permission and authorization in policies for virtual communities of agents
AP2PC'04 Proceedings of the Third international conference on Agents and Peer-to-Peer Computing
A logic based approach for dynamic access control
AI'04 Proceedings of the 17th Australian joint conference on Advances in Artificial Intelligence
Visualizing defeasible logic rules for the semantic web
ASWC'06 Proceedings of the First Asian conference on The Semantic Web
A new approach for conflict resolution of authorization
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part I
Modeling public key infrastructures in the real world
EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
WAC'04 Proceedings of the First international IFIP conference on Autonomic Communication
Interactive credential negotiation for stateful business processes
iTrust'05 Proceedings of the Third international conference on Trust Management
Towards more controllable and practical delegation
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Discretionary capability confinement
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
A linear logic of authorization and knowledge
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Graphical representation of authorization policies for weighted credentials
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
Privacy in the electronic society
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Bring efficient connotation expressible policies to trust management
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
A visual environment for developing defeasible rule bases for the semantic web
RuleML'05 Proceedings of the First international conference on Rules and Rule Markup Languages for the Semantic Web
Recent advances in declarative networking
PADL'12 Proceedings of the 14th international conference on Practical Aspects of Declarative Languages
Computers & Mathematics with Applications
Logical approaches to authorization policies
Logic Programs, Norms and Action
Decentralized governance of distributed systems via interaction control
Logic Programs, Norms and Action
Declarative secure distributed information systems
Computer Languages, Systems and Structures
DEAL: A Distributed Authorization Language for Ambient Intelligence
International Journal of Ambient Computing and Intelligence
Modelling Access Propagation in Dynamic Systems
ACM Transactions on Information and System Security (TISSEC)
Noninterference in a predicative polymorphic calculus for access control
Computer Languages, Systems and Structures
| Hi-index | 0.00 |
We address the problem of authorization in large-scale, open, distributed systems. Authorization decisions are needed in electronic commerce, mobile-code execution, remote resource sharing, privacy protection, and many other applications. We adopt the trust-management approach, in which "authorization" is viewed as a "proof-of-compliance" problem: Does a set of credentials prove that a request complies with a policy?We develop a logic-based language, called Delegation Logic (DL), to represent policies, credentials, and requests in distributed authorization. In this paper, we describe D1LP, the monotonic version of DL. D1LP extends the logic-programming (LP) language Datalog with expressive delegation constructs that feature delegation depth and a wide variety of complex principals (including, but not limited to, k-out-of-n thresholds). Our approach to defining and implementing D1LP is based on tractably compiling D1LP programs into ordinary logic programs (OLPs). This compilation approach enables D1LP to be implemented modularly on top of existing technologies for OLP, for example, Prolog.As a trust-management language, D1LP provides a concept of proof-of-compliance that is founded on well-understood principles of logic programming and knowledge representation. D1LP also provides a logical framework for studying delegation.