Models for coalition-based access control (CBAC)
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Design and implementation of the idemix anonymous credential system
Proceedings of the 9th ACM conference on Computer and communications security
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
Protecting sensitive attributes in automated trust negotiation
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
DATALOG with Constraints: A Foundation for Trust Management Languages
PADL '03 Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages
Dynamically authorized role-based access control for secure distributed computation
Proceedings of the 2002 ACM workshop on XML security
Distributed credential chain discovery in trust management
Journal of Computer Security
Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Towards Practical Automated Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
An access control framework for business processes for web services
Proceedings of the 2003 ACM workshop on XML security
Trust-serv: model-driven lifecycle management of trust negotiation policies for web services
Proceedings of the 13th international conference on World Wide Web
Security analysis in role-based access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Role-based cascaded delegation
Proceedings of the ninth ACM symposium on Access control models and technologies
Using trust and risk in role-based access control policies
Proceedings of the ninth ACM symposium on Access control models and technologies
Policy migration for sensitive credentials in trust negotiation
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
Trust Negotiations: Concepts, Systems, and Languages
Computing in Science and Engineering
Content-triggered trust negotiation
ACM Transactions on Information and System Security (TISSEC)
Reputation-based framework for high integrity sensor networks
Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks
A logic-based framework for attribute based access control
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Comparing the expressive power of access control models
Proceedings of the 11th ACM conference on Computer and communications security
A rule-based framework for role-based constrained delegation
InfoSecu '04 Proceedings of the 3rd international conference on Information security
Using certified policies to regulate E-commerce transactions
ACM Transactions on Internet Technology (TOIT)
Integrity constraints in trust management
Proceedings of the tenth ACM symposium on Access control models and technologies
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Efficient support for enterprise delegation policies
Proceedings of the 2005 ACM symposium on Applied computing
An attribute-based access matrix model
Proceedings of the 2005 ACM symposium on Applied computing
Timed constraint programming: a declarative approach to usage control
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
A Trust-Based Context-Aware Access Control Model for Web-Services
Distributed and Parallel Databases
Policy-hiding access control in open environment
Proceedings of the twenty-fourth annual ACM symposium on Principles of distributed computing
Preventing attribute information leakage in automated trust negotiation
Proceedings of the 12th ACM conference on Computer and communications security
Automated trust negotiation using cryptographic credentials
Proceedings of the 12th ACM conference on Computer and communications security
Anonymous yet accountable access control
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Access control management in a distributed environment supporting dynamic collaboration
Proceedings of the 2005 workshop on Digital identity management
Risk assessment in distributed authorization
Proceedings of the 2005 ACM workshop on Formal methods in security engineering
Trust but verify: authorization for web services
SWS '04 Proceedings of the 2004 workshop on Secure web service
Traust: a trust negotiation-based authorization service for open systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Redirection policies for mission-based information sharing
Proceedings of the eleventh ACM symposium on Access control models and technologies
Specifying distributed trust management in LolliMon
Proceedings of the 2006 workshop on Programming languages and analysis for security
Inferring dynamic credentials for rôle-based trust management
Proceedings of the 8th ACM SIGPLAN international conference on Principles and practice of declarative programming
A method for access authorisation through delegation networks
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Attribute-Based Access Control with Hidden Policies and Hidden Credentials
IEEE Transactions on Computers
Token-based dynamic trust establishment for web services
Proceedings of the 43rd annual Southeast regional conference - Volume 2
Safety in automated trust negotiation
ACM Transactions on Information and System Security (TISSEC)
Safety and consistency in policy-based authorization systems
Proceedings of the 13th ACM conference on Computer and communications security
Beyond separation of duty: an algebra for specifying high-level security policies
Proceedings of the 13th ACM conference on Computer and communications security
A survey of autonomic communications
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
An integrated approach to federated identity and privilege management in open systems
Communications of the ACM - Spam and the ongoing battle for the inbox
On Relating and Integrating Two Trust Management Frameworks
Electronic Notes in Theoretical Computer Science (ENTCS)
Audit-Based Access Control for Electronic Health Records
Electronic Notes in Theoretical Computer Science (ENTCS)
Administration in role-based access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
ACM Transactions on Information and System Security (TISSEC)
Language based policy analysis in a SPKI Trust Management System
Journal of Computer Security
ROST: Remote and hot service deployment with trustworthiness in CROWN Grid
Future Generation Computer Systems
X-FEDERATE: A Policy Engineering Framework for Federated Access Management
IEEE Transactions on Software Engineering
Managing Impacts of Security Protocol Changes in Service-Oriented Applications
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Administering access control in dynamic coalitions
LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
Adaptive Trust Negotiation and Access Control for Grids
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
Proceedings of the 2007 workshop on Programming languages and analysis for security
A posteriori compliance control
Proceedings of the 12th ACM symposium on Access control models and technologies
Using semantics for automatic enforcement of access control policies among dynamic coalitions
Proceedings of the 12th ACM symposium on Access control models and technologies
Engineering Trust Management into Software Models
MISE '07 Proceedings of the International Workshop on Modeling in Software Engineering
On the deployment of a real scalable delegation service
Information Security Tech. Report
What can identity-based cryptography offer to web services?
Proceedings of the 2007 ACM workshop on Secure web services
lightweight decentralized authorization model for inter-domain collaborations
Proceedings of the 2007 ACM workshop on Secure web services
Journal of the ACM (JACM)
Message Dropping Attacks in Overlay Networks: Attack Detection and Attacker Identification
ACM Transactions on Information and System Security (TISSEC)
A Trust- and Property-based Access Control Model
Electronic Notes in Theoretical Computer Science (ENTCS)
Xcellog: A deductive spreadsheet system
The Knowledge Engineering Review
Information and Computation
A user study of policy creation in a flexible access-control system
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Access control policies and languages
International Journal of Computational Science and Engineering
Proceedings of the 1st international conference on Autonomic computing and communication systems
Role-based access control for boxed ambients
Theoretical Computer Science
Towards an efficient and language-agnostic compliance checker for trust negotiation systems
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Usage control platformization via trustworthy SELinux
Proceedings of the 2008 ACM symposium on Information, computer and communications security
A theory for comparing the expressive power of access control models
Journal of Computer Security
Risk management for distributed authorization
Journal of Computer Security
ROWLBAC: representing role based access control in OWL
Proceedings of the 13th ACM symposium on Access control models and technologies
Beyond separation of duty: An algebra for specifying high-level security policies
Journal of the ACM (JACM)
Interactive access control for autonomic systems: From theory to implementation
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Using First-Order Logic to Reason about Policies
ACM Transactions on Information and System Security (TISSEC)
Authorization in trust management: Features and foundations
ACM Computing Surveys (CSUR)
Attribute delegation in ubiquitous environments
Proceedings of the 3rd international conference on Mobile multimedia communications
Implementation aspects of a delegation system
Proceedings of the 3rd international conference on Mobile multimedia communications
ACM Transactions on Information and System Security (TISSEC)
Enabling attribute delegation in ubiquitous environments
Mobile Networks and Applications
A Semantic Foundation for Trust Management Languages with Weights: An Application to the RT Family
ATC '08 Proceedings of the 5th international conference on Autonomic and Trusted Computing
Supporting Security-Oriented, Collaborative nanoCMOS Electronics Research
ICCS '08 Proceedings of the 8th international conference on Computational Science, Part I
A Model for Trust Metrics Analysis
TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
A Logical Approach to Dynamic Role-Based Access Control
AIMSA '08 Proceedings of the 13th international conference on Artificial Intelligence: Methodology, Systems, and Applications
Compact and Anonymous Role-Based Authorization Chain
ACM Transactions on Information and System Security (TISSEC)
Distributed Authorization by Multiparty Trust Negotiation
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Towards Role Based Trust Management without Distributed Searching of Credentials
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
CRBAC: Imposing multi-grained constraints on the RBAC model in the multi-application environment
Journal of Network and Computer Applications
Signed and weighted trust credentials in fraglets
Proceedings of the 3rd International Conference on Bio-Inspired Models of Network, Information and Computing Sytems
QuanTM: a quantitative trust management system
Proceedings of the Second European Workshop on System Security
Toward practical analysis for trust management policy
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Trust Management and Trust Negotiation in an Extension of SQL
Trustworthy Global Computing
Dynamics, Robustness and Fragility of Trust
Formal Aspects in Security and Trust
Formal Aspects in Security and Trust
xDomain: cross-border proofs of access
Proceedings of the 14th ACM symposium on Access control models and technologies
The next 700 access control models or a unifying meta-model?
Proceedings of the 14th ACM symposium on Access control models and technologies
ALOPA: Authorization Logic for Property Attestation in Trusted Platforms
ATC '09 Proceedings of the 6th International Conference on Autonomic and Trusted Computing
PAES: Policy-Based Authority Evaluation Scheme
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Automated trust negotiation using cryptographic credentials
ACM Transactions on Information and System Security (TISSEC)
Maintaining control while delegating trust: Integrity constraints in trust management
ACM Transactions on Information and System Security (TISSEC)
Towards Trustworthy Delegation in Role-Based Access Control Model
ISC '09 Proceedings of the 12th International Conference on Information Security
An Implementation of Role-Base Trust Management Extended with Weights on Mobile Devices
Electronic Notes in Theoretical Computer Science (ENTCS)
A negotiation-based trust establishment service for CROWN grid
International Journal of Autonomous and Adaptive Communications Systems
A role-based XACML administration and delegation profile and its enforcement architecture
Proceedings of the 2009 ACM workshop on Secure web services
Paralocks: role-based information flow control and beyond
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Nonmonotonic Trust Management for P2P Applications
Electronic Notes in Theoretical Computer Science (ENTCS)
Distributed programming with distributed authorization
Proceedings of the 5th ACM SIGPLAN workshop on Types in language design and implementation
A trust establishment scheme for cluster-based sensor networks
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
An opportunistic authority evaluation scheme for data security in crisis management scenarios
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
An introduction to trust negotiation
iTrust'03 Proceedings of the 1st international conference on Trust management
Fidelis: a policy-driven trust management framework
iTrust'03 Proceedings of the 1st international conference on Trust management
Implementation of an agent-oriented trust management infrastructure based on a hybrid PKI model
iTrust'03 Proceedings of the 1st international conference on Trust management
Authenticated dictionaries for fresh attribute credentials
iTrust'03 Proceedings of the 1st international conference on Trust management
Core TuLiP logic programming for trust management
ICLP'07 Proceedings of the 23rd international conference on Logic programming
How to do things with cryptographic protocols
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Extending the globus architecture with role-based trust management
EUROCAST'07 Proceedings of the 11th international conference on Computer aided systems theory
Fine grained access control with trust and reputation management for globus
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Dynamic access control research for inter-operation in multi-domain environment based on risk
WISA'07 Proceedings of the 8th international conference on Information security applications
The role of abduction in declarative authorization policies
PADL'08 Proceedings of the 10th international conference on Practical aspects of declarative languages
Mediator-free secure policy interoperation of exclusively-trusted multiple domains
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
A certified distributed security logic for authorizing code
TYPES'06 Proceedings of the 2006 international conference on Types for proofs and programs
An introduction to the role based trust management framework RT
Foundations of security analysis and design IV
A logic for state-modifying authorization policies
ACM Transactions on Information and System Security (TISSEC)
A framework towards enhancing trust and authorisation for e-commerce service
International Journal of Internet Technology and Secured Transactions
POLIPO: policies & ontologies for interoperability, portability, and autonomy
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Usable access control in collaborative environments: authorization based on people-tagging
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
On usage control for GRID systems
Future Generation Computer Systems
SecPAL: Design and semantics of a decentralized authorization language
Journal of Computer Security - Digital Identity Management (DIM 2007)
The impact of dynamic adversarial attacks on the stability of heterogeneous multimedia networks
Computer Communications
A hybrid trust management system for automated fine-grained access control
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Multi-domain trust management in variable-threat environments: a user-centric model
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
A flexible architecture for privacy-aware trust management
Journal of Theoretical and Applied Electronic Commerce Research
Experiences in the logical specification of the HIPAA and GLBA privacy laws
Proceedings of the 9th annual ACM workshop on Privacy in the electronic society
Modelling dynamic access control policies for web-based collaborative systems
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Attribute-Based Messaging: Access Control and Confidentiality
ACM Transactions on Information and System Security (TISSEC)
Service dependencies in information systems security
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Credential chain discovery in RTTtrust management language
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
A service dependency model for cost-sensitive intrusion response
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
Independently verifiable decentralized role-based delegation
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Resource management with X.509 inter-domain authorization certificates (InterAC)
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
ABUSE: PKI for real-world email trust
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
ATC'10 Proceedings of the 7th international conference on Autonomic and trusted computing
Relationship-based access control: protection model and policy language
Proceedings of the first ACM conference on Data and application security and privacy
Nexus authorization logic (NAL): Design rationale and applications
ACM Transactions on Information and System Security (TISSEC)
Quantifying and qualifying trust: spectral decomposition of trust networks
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Confidentiality-preserving proof theories for distributed proof systems
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Journal of Systems Architecture: the EUROMICRO Journal
Types for security in a mobile world
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
Programming cryptographic protocols
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
Relationship-based access control policies and their policy languages
Proceedings of the 16th ACM symposium on Access control models and technologies
An authorization scheme for version control systems
Proceedings of the 16th ACM symposium on Access control models and technologies
Secommunity: a framework for distributed access control
LPNMR'11 Proceedings of the 11th international conference on Logic programming and nonmonotonic reasoning
Dynamics in delegation and revocation schemes: a logical approach
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Socially constructed trust for distributed authorization
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Group-Centric Secure Information-Sharing Models for Isolated Groups
ACM Transactions on Information and System Security (TISSEC)
Trusted platform-as-a-service: a foundation for trustworthy cloud-hosted applications
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Rewrite specifications of access control policies in distributed environments
STM'10 Proceedings of the 6th international conference on Security and trust management
Stateful authorization logic: proof theory and a case study
STM'10 Proceedings of the 6th international conference on Security and trust management
Opacity analysis in trust management systems
ISC'11 Proceedings of the 14th international conference on Information security
A knowledge-based verification method for dynamic access control policies
ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering
Enforcing security policies for distributed objects applications
Proceedings of the 11th international conference on Security Protocols
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Poster: protecting information in systems of systems
Proceedings of the 18th ACM conference on Computer and communications security
Dynamic policy discovery with remote attestation
FOSSACS'06 Proceedings of the 9th European joint conference on Foundations of Software Science and Computation Structures
Trust management with safe privilege propagation
APPT'05 Proceedings of the 6th international conference on Advanced Parallel Processing Technologies
Answer set programming for distributed authorization: the language, computations, and application
AI'05 Proceedings of the 18th Australian Joint conference on Advances in Artificial Intelligence
An authorization framework for sharing data in web service federations
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Synergy: a policy-driven, trust-aware information dissemination framework
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Distributed credential chain discovery in trust-management with parameterized roles
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Deductive spreadsheets using tabled logic programming
ICLP'06 Proceedings of the 22nd international conference on Logic Programming
A dynamic access control model
Applied Intelligence
LP with flexible grouping and aggregates using modes
LOPSTR'09 Proceedings of the 19th international conference on Logic-Based Program Synthesis and Transformation
An authorization framework based on constrained delegation
ISPA'04 Proceedings of the Second international conference on Parallel and Distributed Processing and Applications
OACerts: oblivious attribute certificates
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
A formal privacy system and its application to location based services
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
Policies, models, and languages for access control
DNIS'05 Proceedings of the 4th international conference on Databases in Networked Information Systems
Privacy-Preserving database systems
Foundations of Security Analysis and Design III
Security and trust requirements engineering
Foundations of Security Analysis and Design III
Verifying the incorrectness of programs and automata
SARA'05 Proceedings of the 6th international conference on Abstraction, Reformulation and Approximation
A representation model of trust relationships with delegation extensions
iTrust'05 Proceedings of the Third international conference on Trust Management
Representing distributed groups with dgFOAF
ESWC'10 Proceedings of the 7th international conference on The Semantic Web: research and Applications - Volume Part II
Towards more controllable and practical delegation
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
A calculus for trust management
FSTTCS'04 Proceedings of the 24th international conference on Foundations of Software Technology and Theoretical Computer Science
Security model oriented attestation on dynamically reconfigurable component-based systems
Journal of Network and Computer Applications
Security analysis and validation for access control in multi-domain environment based on risk
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
Privacy preserving of trust management credentials based on trusted computing
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
Bring efficient connotation expressible policies to trust management
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Category-Based authorisation models: operational semantics and expressive power
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
SocialClouds: concept, security architecture and some mechanisms
INTRUST'09 Proceedings of the First international conference on Trusted Systems
ICISS'05 Proceedings of the First international conference on Information Systems Security
Datalog for security, privacy and trust
Datalog'10 Proceedings of the First international conference on Datalog Reloaded
Relating declarative semantics and usability in access control
Proceedings of the Eighth Symposium on Usable Privacy and Security
A social recommender mechanism for improving knowledge sharing in online forums
Information Processing and Management: an International Journal
Computers & Mathematics with Applications
Logical approaches to authorization policies
Logic Programs, Norms and Action
The semantics of role-based trust management languages
CEE-SET'09 Proceedings of the 4th IFIP TC 2 Central and East European conference on Advances in Software Engineering Techniques
A unified attribute-based access control model covering DAC, MAC and RBAC
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
TBA: a hybrid of logic and extensional access control systems
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
On XACML's adequacy to specify and to enforce HIPAA
HealthSec'12 Proceedings of the 3rd USENIX conference on Health Security and Privacy
Proceedings of the 2012 workshop on Cloud services, federation, and the 8th open cirrus summit
Recognition of authority in virtual organisations
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Efficient proving for practical distributed access-control systems
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Compliance checking for usage-constrained credentials in trust negotiation systems
ISC'12 Proceedings of the 15th international conference on Information Security
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
A role-based administration model for attributes
Proceedings of the First International Workshop on Secure and Resilient Architectures and Systems
DEAL: A Distributed Authorization Language for Ambient Intelligence
International Journal of Ambient Computing and Intelligence
Nephele: Scalable Access Control for Federated File Services
Journal of Grid Computing
Policy administration in tag-based authorization
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
A review of GENI authentication and access control mechanisms
International Journal of Security and Networks
Belief semantics of authorization logic
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Reachability analysis for role-based administration of attributes
Proceedings of the 2013 ACM workshop on Digital identity management
The RBAC model and implementation architecture in multi-domain environment
Electronic Commerce Research
Stateful authorization logic --Proof theory and a case study
Journal of Computer Security - STM'10
Formal verification of security properties in trust management policy
Journal of Computer Security
Toward strong, usable access control for shared distributed data
FAST'14 Proceedings of the 12th USENIX conference on File and Storage Technologies
Information flow in trust management systems
Journal of Computer Security - CSF 2010
| Hi-index | 0.00 |
We introduce the RT framework, a family of Role-based Trust-managementlanguages for representing policies and credentials in distributedauthorization. RT combines the strengths of role-based access controland trust-management systems and is especially suitable forattribute-based access control. Using a few simple credential forms, RTprovides localized authority over roles, delegation in role definition,linked roles, and parameterized roles. RT also introduces manifoldroles, which can be used to express threshold and separation-of-dutypolicies, and delegation of role activations. We formally define thesemantics of credentials in the RT framework by presenting a translationfrom credentials to Datalog rules.This translation also shows thatthis semantics is algorithmically tractable.