Power and Permission in Security Systems
Proceedings of the 7th International Workshop on Security Protocols
Applications in health care using public-key certificates and attribute certificates
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Revocation Schemes for Delegated Authorities
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Local vs Global Policies and Centralized vs Decentralized Control in Virtual Communities of Agents
WI '04 Proceedings of the 2004 IEEE/WIC/ACM International Conference on Web Intelligence
A rule-based framework for role-based constrained delegation
InfoSecu '04 Proceedings of the 3rd international conference on Information security
Policy Administration Control and Delegation Using XACML and Delegent
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
A classification of delegation schemes for attribute authority
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
An administrative model for UCONABC
AISC '10 Proceedings of the Eighth Australasian Conference on Information Security - Volume 105
Dynamics in delegation and revocation schemes: a logical approach
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Towards a mechanism for discretionary overriding of access control
SP'04 Proceedings of the 12th international conference on Security Protocols
An authorization framework based on constrained delegation
ISPA'04 Proceedings of the Second international conference on Parallel and Distributed Processing and Applications
Permission and authorization in policies for virtual communities of agents
AP2PC'04 Proceedings of the Third international conference on Agents and Peer-to-Peer Computing
Towards more controllable and practical delegation
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
An XML standards based authorization framework for mobile agents
MADNES'05 Proceedings of the First international conference on Secure Mobile Ad-hoc Networks and Sensors
| Hi-index | 0.00 |
We address the issue of updating privileges in a dynamic environment by introducing authority certificates in a Privilege Management Infrastructure. These certificates can be used to create access-level permissions but also to delegate authority to other agents, thereby providing a mechanism for creating management structures and for changing these structures over time. We present a semantic framework for privileges and certificates and an associated calculus, encoded as a logic program, for reasoning about them. The framework distinguishes between the time a certificate is issued or revoked and the time for which the associated privilege is created. This enables certificates to have prospective and retrospective effects, and allows us to reason about privileges and their consequences in the past, present, and future. The calculus provides a verification procedure for determining, given a set of declaration and revocation certificates, whether a certain privilege holds.