Limits to parallel computation: P-completeness theory
Limits to parallel computation: P-completeness theory
Role-Based Access Control Models
Computer
Policy-directed certificate retrieval
Software—Practice & Experience
Distributed credential chain discovery in trust management: extended abstract
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Certificate chain discovery in SPKI?SDSI
Journal of Computer Security
Compliance Checking in the PolicyMaker Trust Management System
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Fast Access Control Decisions from Delegation Certificate Databases
ACISP '98 Proceedings of the Third Australasian Conference on Information Security and Privacy
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Towards Practical Automated Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A Practically Implementable and Tractable Delegation Logic
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Delegation logic: a logic-based approach to distributed authorization
Delegation logic: a logic-based approach to distributed authorization
Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Security analysis in role-based access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Role-based cascaded delegation
Proceedings of the ninth ACM symposium on Access control models and technologies
Policy migration for sensitive credentials in trust negotiation
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
Comparing the expressive power of access control models
Proceedings of the 11th ACM conference on Computer and communications security
Integrity constraints in trust management
Proceedings of the tenth ACM symposium on Access control models and technologies
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Efficient support for enterprise delegation policies
Proceedings of the 2005 ACM symposium on Applied computing
Policy-hiding access control in open environment
Proceedings of the twenty-fourth annual ACM symposium on Principles of distributed computing
Preventing attribute information leakage in automated trust negotiation
Proceedings of the 12th ACM conference on Computer and communications security
Automated trust negotiation using cryptographic credentials
Proceedings of the 12th ACM conference on Computer and communications security
PeerAccess: a logic for distributed authorization
Proceedings of the 12th ACM conference on Computer and communications security
Risk assessment in distributed authorization
Proceedings of the 2005 ACM workshop on Formal methods in security engineering
Access control to people location information
ACM Transactions on Information and System Security (TISSEC)
Specifying distributed trust management in LolliMon
Proceedings of the 2006 workshop on Programming languages and analysis for security
Inferring dynamic credentials for rôle-based trust management
Proceedings of the 8th ACM SIGPLAN international conference on Principles and practice of declarative programming
Attribute-Based Access Control with Hidden Policies and Hidden Credentials
IEEE Transactions on Computers
Safety in automated trust negotiation
ACM Transactions on Information and System Security (TISSEC)
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
OACerts: Oblivious Attribute Certificates
IEEE Transactions on Dependable and Secure Computing
On Relating and Integrating Two Trust Management Frameworks
Electronic Notes in Theoretical Computer Science (ENTCS)
Trust management services in relational databases
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Optimal Dispersal of Certificate Chains
IEEE Transactions on Parallel and Distributed Systems
A survey of trust in computer science and the Semantic Web
Web Semantics: Science, Services and Agents on the World Wide Web
A posteriori compliance control
Proceedings of the 12th ACM symposium on Access control models and technologies
Using semantics for automatic enforcement of access control policies among dynamic coalitions
Proceedings of the 12th ACM symposium on Access control models and technologies
An End-To-End Approach to Distributed Policy Language Implementation
Electronic Notes in Theoretical Computer Science (ENTCS)
A Uniform Framework for Security and Trust Modeling and Analysis with Crypto-CCS
Electronic Notes in Theoretical Computer Science (ENTCS)
Journal of Computer Security - Special issue on CSFW15
A scalable and flexible web services authentication model
Proceedings of the 2007 ACM workshop on Secure web services
The Traust Authorization Service
ACM Transactions on Information and System Security (TISSEC)
Xcellog: A deductive spreadsheet system
The Knowledge Engineering Review
A theory for comparing the expressive power of access control models
Journal of Computer Security
Risk management for distributed authorization
Journal of Computer Security
Authorization in trust management: Features and foundations
ACM Computing Surveys (CSUR)
Assertions Signcryption Scheme in Decentralized Autonomous Trust Environments
ATC '08 Proceedings of the 5th international conference on Autonomic and Trusted Computing
Compact and Anonymous Role-Based Authorization Chain
ACM Transactions on Information and System Security (TISSEC)
Distributed Authorization by Multiparty Trust Negotiation
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Signed and weighted trust credentials in fraglets
Proceedings of the 3rd International Conference on Bio-Inspired Models of Network, Information and Computing Sytems
Trust Management and Trust Negotiation in an Extension of SQL
Trustworthy Global Computing
Towards a dynamic and composable model of trust
Proceedings of the 14th ACM symposium on Access control models and technologies
A trust-based approach to estimating the confidence of the software system in open environments
Journal of Computer Science and Technology
Automated trust negotiation using cryptographic credentials
ACM Transactions on Information and System Security (TISSEC)
Maintaining control while delegating trust: Integrity constraints in trust management
ACM Transactions on Information and System Security (TISSEC)
A negotiation-based trust establishment service for CROWN grid
International Journal of Autonomous and Adaptive Communications Systems
Nonmonotonic Trust Management for P2P Applications
Electronic Notes in Theoretical Computer Science (ENTCS)
Effective trust management through a hybrid logical and relational approach
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
A logic for authorization provenance
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
An introduction to trust negotiation
iTrust'03 Proceedings of the 1st international conference on Trust management
Authenticated dictionaries for fresh attribute credentials
iTrust'03 Proceedings of the 1st international conference on Trust management
A RT0-based compliance checker model for automated trust negotiation
PAISI'07 Proceedings of the 2007 Pacific Asia conference on Intelligence and security informatics
Core TuLiP logic programming for trust management
ICLP'07 Proceedings of the 23rd international conference on Logic programming
Extending the globus architecture with role-based trust management
EUROCAST'07 Proceedings of the 11th international conference on Computer aided systems theory
Fine grained access control with trust and reputation management for globus
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
An introduction to the role based trust management framework RT
Foundations of security analysis and design IV
Abductive authorization credential gathering
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
On usage control for GRID systems
Future Generation Computer Systems
A secure collaboration service for dynamic virtual organizations
Information Sciences: an International Journal
Multi-domain trust management in variable-threat environments: a user-centric model
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
A flexible architecture for privacy-aware trust management
Journal of Theoretical and Applied Electronic Commerce Research
An administrative model for UCONABC
AISC '10 Proceedings of the Eighth Australasian Conference on Information Security - Volume 105
Credential chain discovery in RTTtrust management language
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
Job-centric security model for open collaborative environment
CTS'05 Proceedings of the 2005 international conference on Collaborative technologies and systems
Independently verifiable decentralized role-based delegation
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Trust management languages and complexity
OTM'11 Proceedings of the 2011th Confederated international conference on On the move to meaningful internet systems - Volume Part II
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Distributed access control for grid environments using trust management approach
ISPA'05 Proceedings of the 2005 international conference on Parallel and Distributed Processing and Applications
A formalization of distributed authorization with delegation
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Distributed credential chain discovery in trust-management with parameterized roles
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Deductive spreadsheets using tabled logic programming
ICLP'06 Proceedings of the 22nd international conference on Logic Programming
OACerts: oblivious attribute certificates
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Towards an integrated formal analysis for security and trust
FMOODS'05 Proceedings of the 7th IFIP WG 6.1 international conference on Formal Methods for Open Object-Based Distributed Systems
Privacy preserving of trust management credentials based on trusted computing
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
Adding support to XACML for dynamic delegation of authority in multiple domains
CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
Privacy in the electronic society
ICISS'06 Proceedings of the Second international conference on Information Systems Security
ICISS'05 Proceedings of the First international conference on Information Systems Security
Integrating trust management and access control in data-intensive Web applications
ACM Transactions on the Web (TWEB)
Weighted pushdown systems and trust-management systems
TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems
The semantics of role-based trust management languages
CEE-SET'09 Proceedings of the 4th IFIP TC 2 Central and East European conference on Advances in Software Engineering Techniques
Enhancing directory virtualization to detect insider activity
Security and Communication Networks
Decentralized semantic threat graphs
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Avoiding delegation subterfuge using linked local permission names
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Hails: protecting data privacy in untrusted web applications
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Recognition of authority in virtual organisations
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Declarative secure distributed information systems
Computer Languages, Systems and Structures
Policy administration in tag-based authorization
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
Formal verification of security properties in trust management policy
Journal of Computer Security
Policy-driven role-based access management for ad-hoc collaboration
Journal of Computer Security
| Hi-index | 0.00 |
We introduce a simple Role-based Trust-management language RT0 and a set-theoretic semantics for it. We also introduce credential graphs as a searchable representation of credentials in RT0 and prove that reachability in credential graphs is sound and complete with respect to the semantics of RT0. Based on credential graphs, we give goal-directed algorithms to do credential chain discovery in RT0, both when credential storage is centralized and when credential storage is distributed. A goal-directed algorithm begins with an access-control query and searches for credentials relevant to the query, while avoiding considering the potentially very large number of credentials that are unrelated to the access-control decision at hand. This approach provides better expected-case performance than bottom-up algorithms. We show how our algorithms can be applied to SDSI 2.0 (the 'SDSI' part of SPKI/SDSI 2.0).Our goal-directed, distributed chain discovery algorithm finds and retrieves credentials as needed. We prove that the algorithm is correct by proving that the algorithm is sound and complete with respect to the credential graph composed of the credentials it retrieves, and that the algorithm retrieves all credentials that constitute a traversable chain. We further introduce a storage type system for RT0, which guarantees traversability of chains when credentials are well typed. This type system can also help improve search efficiency by guiding search in the right direction, making distributed chain discovery with large number of credentials feasible.