Hilbert's tenth problem
Selected papers of the 9th annual ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
Distributed credential chain discovery in trust management: extended abstract
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
Constraint Databases: A Survey
Selected Papers from a Workshop on Semantics in Databases
Safe Datalog Queries with Linear Constraints
CP '98 Proceedings of the 4th International Conference on Principles and Practice of Constraint Programming
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Binder, a Logic-Based Security Language
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A Practically Implementable and Tractable Delegation Logic
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Naming and sharing resources across administrative boundaries
Naming and sharing resources across administrative boundaries
Variable Independence in Constraint Databases
IEEE Transactions on Knowledge and Data Engineering
A retrospective on constraint databases
PCK50 Proceedings of the Paris C. Kanellakis memorial workshop on Principles of computing & knowledge: Paris C. Kanellakis memorial workshop on the occasion of his 50th birthday
Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Integrity constraints in trust management
Proceedings of the tenth ACM symposium on Access control models and technologies
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Timed constraint programming: a declarative approach to usage control
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Automated trust negotiation using cryptographic credentials
Proceedings of the 12th ACM conference on Computer and communications security
Risk assessment in distributed authorization
Proceedings of the 2005 ACM workshop on Formal methods in security engineering
Email feedback: a policy-based approach to overcoming false positives
Proceedings of the 2005 ACM workshop on Formal methods in security engineering
Specifying distributed trust management in LolliMon
Proceedings of the 2006 workshop on Programming languages and analysis for security
Access control in a core calculus of dependency
Proceedings of the eleventh ACM SIGPLAN international conference on Functional programming
On Relating and Integrating Two Trust Management Frameworks
Electronic Notes in Theoretical Computer Science (ENTCS)
Access Control in a Core Calculus of Dependency
Electronic Notes in Theoretical Computer Science (ENTCS)
Language based policy analysis in a SPKI Trust Management System
Journal of Computer Security
Efficient trust management policy analysis from rules
Proceedings of the 9th ACM SIGPLAN international conference on Principles and practice of declarative programming
Information carrying identity proof trees
Proceedings of the 2007 ACM workshop on Privacy in electronic society
InterPol: a policy framework for managing trust and privacy in referral networks
Proceedings of the 6th international joint conference on Autonomous agents and multiagent systems
Information and Computation
Access control policies and languages
International Journal of Computational Science and Engineering
Using First-Order Logic to Reason about Policies
ACM Transactions on Information and System Security (TISSEC)
Authorization in trust management: Features and foundations
ACM Computing Surveys (CSUR)
A Semantic Foundation for Trust Management Languages with Weights: An Application to the RT Family
ATC '08 Proceedings of the 5th international conference on Autonomic and Trusted Computing
Evita raced: metacompilation for declarative networks
Proceedings of the VLDB Endowment
Distributed Authorization by Multiparty Trust Negotiation
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
PADL '09 Proceedings of the 11th International Symposium on Practical Aspects of Declarative Languages
From datalog rules to efficient programs with time and space guarantees
ACM Transactions on Programming Languages and Systems (TOPLAS)
Automated trust negotiation using cryptographic credentials
ACM Transactions on Information and System Security (TISSEC)
Maintaining control while delegating trust: Integrity constraints in trust management
ACM Transactions on Information and System Security (TISSEC)
Security Policy Definition Framework for SOA-Based Systems
WISE '09 Proceedings of the 10th International Conference on Web Information Systems Engineering
Information Sharing among Autonomous Agents in Referral Networks
Agents and Peer-to-Peer Computing
Extending the globus architecture with role-based trust management
EUROCAST'07 Proceedings of the 11th international conference on Computer aided systems theory
The role of abduction in declarative authorization policies
PADL'08 Proceedings of the 10th international conference on Practical aspects of declarative languages
A modal deconstruction of access control logics
FOSSACS'08/ETAPS'08 Proceedings of the Theory and practice of software, 11th international conference on Foundations of software science and computational structures
A logic for state-modifying authorization policies
ACM Transactions on Information and System Security (TISSEC)
Component-based security policy design with colored Petri nets
Semantics and algebraic specification
Abductive authorization credential gathering
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
SecPAL: Design and semantics of a decentralized authorization language
Journal of Computer Security - Digital Identity Management (DIM 2007)
Precise complexity analysis for efficient datalog queries
Proceedings of the 12th international ACM SIGPLAN symposium on Principles and practice of declarative programming
A flexible architecture for privacy-aware trust management
Journal of Theoretical and Applied Electronic Commerce Research
More efficient datalog queries: subsumptive tabling beats magic sets
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
STM'10 Proceedings of the 6th international conference on Security and trust management
Relaxed safeness in Datalog-based policies
RuleML'11 Proceedings of the 5th international conference on Rule-based modeling and computing on the semantic web
A framework for flexible access control in digital library systems
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Soutei, a logic-based trust-management system
FLOPS'06 Proceedings of the 8th international conference on Functional and Logic Programming
Distributed credential chain discovery in trust-management with parameterized roles
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Privacy is linking permission to purpose
SP'04 Proceedings of the 12th international conference on Security Protocols
A relational database integrity framework for access control policies
Journal of Intelligent Information Systems
Specifying and reasoning about dynamic access-control policies
IJCAR'06 Proceedings of the Third international joint conference on Automated Reasoning
Policies, models, and languages for access control
DNIS'05 Proceedings of the 4th international conference on Databases in Networked Information Systems
Verifying the incorrectness of programs and automata
SARA'05 Proceedings of the 6th international conference on Abstraction, Reformulation and Approximation
Towards more controllable and practical delegation
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
A linear logic of authorization and knowledge
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Compiling constraint handling rules for efficient tabled evaluation
PADL'07 Proceedings of the 9th international conference on Practical Aspects of Declarative Languages
Bring efficient connotation expressible policies to trust management
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Dedalus: datalog in time and space
Datalog'10 Proceedings of the First international conference on Datalog Reloaded
Optimizing inequality joins in datalog with approximated constraint propagation
PADL'12 Proceedings of the 14th international conference on Practical Aspects of Declarative Languages
On the verification of security-aware E-services
Journal of Symbolic Computation
An operating system for the home
NSDI'12 Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation
Computers & Mathematics with Applications
Automated and efficient analysis of role-based access control with attributes
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Modeling datalog fact assertion and retraction in linear logic
Proceedings of the 14th symposium on Principles and practice of declarative programming
A trust and context aware access control model for web services conversations
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Conditional privacy-aware role based access control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Datalog: a perspective and the potential
Datalog 2.0'12 Proceedings of the Second international conference on Datalog in Academia and Industry
Business network reconstruction using datalog
Datalog 2.0'12 Proceedings of the Second international conference on Datalog in Academia and Industry
A framework for modular ERDF ontologies
Annals of Mathematics and Artificial Intelligence
Future Generation Computer Systems
Information flow in trust management systems
Journal of Computer Security - CSF 2010
| Hi-index | 0.00 |
Trust management (TM) is a promising approach for authorization and access control in distributed systems, based on signed distributed policy statements expressed in a policy language. Although several TM languages are semantically equivalent to subsets of Datalog, Datalog is not sufficiently expressive for fine-grained control of structured resources. We define the class of linearly decomposable unary constraint domains, prove that DATALOG extended with constraints in any combination of such constraint domains is tractable, and show that permissions associated with structured resources fall into this class. We also present a concrete declarative TM language, RT1C, based on constraint DATALOG, and use constraint DATALOG to analyze another TM system, KeyNote, which turns out to be less expressive than RT1C in significant respects, yet less tractable in the worst case. Although constraint DATALOG has been studied in the context of constraint databases, TM applications involve different kinds of constraint domains and have different computational complexity requirements.