Foundations of logic programming; (2nd extended ed.)
Foundations of logic programming; (2nd extended ed.)
The schematic protection model: its definition and analysis for acyclic attenuating schemes
Journal of the ACM (JACM)
A Linear Time Algorithm for Deciding Subject Security
Journal of the ACM (JACM)
On SDSI's linked local name spaces
Journal of Computer Security
Protection in operating systems
Communications of the ACM
A logic for SDSI's linked local name spaces
Journal of Computer Security
Certificate chain discovery in SPKI?SDSI
Journal of Computer Security
Computers and Intractability: A Guide to the Theory of NP-Completeness
Computers and Intractability: A Guide to the Theory of NP-Completeness
DATALOG with Constraints: A Foundation for Trust Management Languages
PADL '03 Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages
Distributed credential chain discovery in trust management
Journal of Computer Security
ACM SIGOPS Operating Systems Review
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Analysis of SPKI/SDSI Certificates Using Model Checking
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A State-Transition Model of Trust Management and Access Control
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Policy management using access control spaces
ACM Transactions on Information and System Security (TISSEC)
Security analysis in role-based access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Comparing the expressive power of access control models
Proceedings of the 11th ACM conference on Computer and communications security
Timed constraint programming: a declarative approach to usage control
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Access control to people location information
ACM Transactions on Information and System Security (TISSEC)
Inferring dynamic credentials for rôle-based trust management
Proceedings of the 8th ACM SIGPLAN international conference on Principles and practice of declarative programming
On the modeling and analysis of obligations
Proceedings of the 13th ACM conference on Computer and communications security
ACM Transactions on Information and System Security (TISSEC)
Language based policy analysis in a SPKI Trust Management System
Journal of Computer Security
Efficient trust management policy analysis from rules
Proceedings of the 9th ACM SIGPLAN international conference on Principles and practice of declarative programming
Information and Computation
Role-based access control for boxed ambients
Theoretical Computer Science
Enforcing security properties in task-based systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Resiliency Policies in Access Control
ACM Transactions on Information and System Security (TISSEC)
Safety in discretionary access control for logic-based publish-subscribe systems
Proceedings of the 14th ACM symposium on Access control models and technologies
Operational Semantics for DKAL: Application and Analysis
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
An introduction to trust negotiation
iTrust'03 Proceedings of the 1st international conference on Trust management
Extending the globus architecture with role-based trust management
EUROCAST'07 Proceedings of the 11th international conference on Computer aided systems theory
Types for security in a mobile world
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
Journal of Network and Systems Management
Access control requirements for preventing insider threats
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Distributed credential chain discovery in trust-management with parameterized roles
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Towards an integrated formal analysis for security and trust
FMOODS'05 Proceedings of the 7th IFIP WG 6.1 international conference on Formal Methods for Open Object-Based Distributed Systems
Modeling public key infrastructures in the real world
EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
Visualizing privacy implications of access control policies in social network systems
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
A logic for analysing subterfuge in delegation chains
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
A visualization tool for evaluating access control policies in facebook-style social network systems
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Survey: Usage control in computer security: A survey
Computer Science Review
The semantics of role-based trust management languages
CEE-SET'09 Proceedings of the 4th IFIP TC 2 Central and East European conference on Advances in Software Engineering Techniques
Reachability analysis for role-based administration of attributes
Proceedings of the 2013 ACM workshop on Digital identity management
| Hi-index | 0.00 |
Trust management is a form of distributed access controlusing distributed policy statements. Since one party maydelegate partial control to another party, it is natural toask what permissions may be granted as the result of policychanges by other parties. We study security propertiessuch as safety and availability for a family of trust managementlanguages, devising algorithms for deciding the possibleconsequences of certain changes in policy. While trustmanagement is more powerful in certain ways than mechanismsin the access matrix model, and the security propertiesconsidered are more than simple safety, we find that incontrast to the classical HRU undecidability of safety properties,our primary security properties are decidable. Inparticular, most properties we studied are decidable in polynomialtime. Containment, the most complicated securityproperty we studied, is decidable in polynomial time for thesimplest TM language in the family. The problem becomescoNP-hard when intersection or linked roles are added tothe language.