Dynamically distributed query evaluation
PODS '01 Proceedings of the twentieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Distributed credential chain discovery in trust management: extended abstract
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
IEEE Internet Computing
DATALOG with Constraints: A Foundation for Trust Management Languages
PADL '03 Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages
ConChord: Cooperative SDSI Certificate Storage and Name Resolution
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Distributed credential chain discovery in trust management
Journal of Computer Security
Role-based cascaded delegation
Proceedings of the ninth ACM symposium on Access control models and technologies
Policy migration for sensitive credentials in trust negotiation
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
IEEE Intelligent Systems
Integrity constraints in trust management
Proceedings of the tenth ACM symposium on Access control models and technologies
Adaptive trust negotiation and access control
Proceedings of the tenth ACM symposium on Access control models and technologies
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
PeerAccess: a logic for distributed authorization
Proceedings of the 12th ACM conference on Computer and communications security
Secure context-sensitive authorization
Pervasive and Mobile Computing
Access control in a core calculus of dependency
Proceedings of the eleventh ACM SIGPLAN international conference on Functional programming
Access Control in a Core Calculus of Dependency
Electronic Notes in Theoretical Computer Science (ENTCS)
Adaptive Trust Negotiation and Access Control for Grids
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
A posteriori compliance control
Proceedings of the 12th ACM symposium on Access control models and technologies
Proceedings of the 12th ACM symposium on Access control models and technologies
A type discipline for authorization policies
ACM Transactions on Programming Languages and Systems (TOPLAS) - Special Issue ESOP'05
Run-time principals in information-flow type systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Single-bit re-encryption with applications to distributed proof systems
Proceedings of the 2007 ACM workshop on Privacy in electronic society
Information carrying identity proof trees
Proceedings of the 2007 ACM workshop on Privacy in electronic society
Journal of the ACM (JACM)
DXQ: a distributed XQuery scripting language
XIME-P '07 Proceedings of the 4th international workshop on XQuery implementation, experience and perspectives
Access control policies and languages
International Journal of Computational Science and Engineering
Towards a declarative language and system for secure networking
NETB'07 Proceedings of the 3rd USENIX international workshop on Networking meets databases
Verified enforcement of stateful information release policies
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Access control by action control
Proceedings of the 13th ACM symposium on Access control models and technologies
Detecting and resolving policy misconfigurations in access-control systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Using First-Order Logic to Reason about Policies
ACM Transactions on Information and System Security (TISSEC)
Authorization in trust management: Features and foundations
ACM Computing Surveys (CSUR)
ACM Transactions on Information and System Security (TISSEC)
A Semantic Foundation for Trust Management Languages with Weights: An Application to the RT Family
ATC '08 Proceedings of the 5th international conference on Autonomic and Trusted Computing
A Formal Framework for Expressing Trust Negotiation in the Ubiquitous Computing Environment
UIC '08 Proceedings of the 5th international conference on Ubiquitous Intelligence and Computing
A formal framework for reflective database access control policies
Proceedings of the 15th ACM conference on Computer and communications security
Distributed Authorization by Multiparty Trust Negotiation
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Towards Role Based Trust Management without Distributed Searching of Credentials
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Requirements of federated trust management for service-oriented architectures
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Variable weight risk management model for IT services
ISTASC'08 Proceedings of the 8th conference on Systems theory and scientific computation
Verified enforcement of stateful information release policies
ACM SIGPLAN Notices
Event-oriented Web-based E-trading
Electronic Notes in Theoretical Computer Science (ENTCS)
Towards a dynamic and composable model of trust
Proceedings of the 14th ACM symposium on Access control models and technologies
ALOPA: Authorization Logic for Property Attestation in Trusted Platforms
ATC '09 Proceedings of the 6th International Conference on Autonomic and Trusted Computing
Automated trust negotiation using cryptographic credentials
ACM Transactions on Information and System Security (TISSEC)
Maintaining control while delegating trust: Integrity constraints in trust management
ACM Transactions on Information and System Security (TISSEC)
Paralocks: role-based information flow control and beyond
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ACM Transactions on Programming Languages and Systems (TOPLAS)
Effective trust management through a hybrid logical and relational approach
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
A logic for authorization provenance
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Policy-based access control for weakly consistent replication
Proceedings of the 5th European conference on Computer systems
Trust management tools for internet applications
iTrust'03 Proceedings of the 1st international conference on Trust management
Dynamic event-based access control as term rewriting
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Core TuLiP logic programming for trust management
ICLP'07 Proceedings of the 23rd international conference on Logic programming
A certified distributed security logic for authorizing code
TYPES'06 Proceedings of the 2006 international conference on Types for proofs and programs
An introduction to the role based trust management framework RT
Foundations of security analysis and design IV
A logic for state-modifying authorization policies
ACM Transactions on Information and System Security (TISSEC)
On the consistency of distributed proofs with hidden subtrees
ACM Transactions on Information and System Security (TISSEC)
SecureBlox: customizable secure distributed data processing
Proceedings of the 2010 ACM SIGMOD International Conference on Management of data
Abductive authorization credential gathering
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
SecPAL: Design and semantics of a decentralized authorization language
Journal of Computer Security - Digital Identity Management (DIM 2007)
An emulation of GENI access control
CSET'09 Proceedings of the 2nd conference on Cyber security experimentation and test
Independently verifiable decentralized role-based delegation
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
ABUSE: PKI for real-world email trust
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Detecting and resolving policy misconfigurations in access-control systems
ACM Transactions on Information and System Security (TISSEC)
Nexus authorization logic (NAL): Design rationale and applications
ACM Transactions on Information and System Security (TISSEC)
Confidentiality-preserving proof theories for distributed proof systems
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Datalog and emerging applications: an interactive tutorial
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Socially constructed trust for distributed authorization
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Rewrite specifications of access control policies in distributed environments
STM'10 Proceedings of the 6th international conference on Security and trust management
Opacity analysis in trust management systems
ISC'11 Proceedings of the 14th international conference on Information security
Relaxed safeness in Datalog-based policies
RuleML'11 Proceedings of the 5th international conference on Rule-based modeling and computing on the semantic web
Eyeing your exposure: quantifying and controlling information sharing for improved privacy
Proceedings of the Seventh Symposium on Usable Privacy and Security
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Trust management with safe privilege propagation
APPT'05 Proceedings of the 6th international conference on Advanced Parallel Processing Technologies
Distributed credential chain discovery in trust-management with parameterized roles
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
A relational database integrity framework for access control policies
Journal of Intelligent Information Systems
Specifying and reasoning about dynamic access-control policies
IJCAR'06 Proceedings of the Third international joint conference on Automated Reasoning
Policies, models, and languages for access control
DNIS'05 Proceedings of the 4th international conference on Databases in Networked Information Systems
A type discipline for authorization policies
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
D-FOAF: distributed identity management with access rights delegation
ASWC'06 Proceedings of the First Asian conference on The Semantic Web
Representing distributed groups with dgFOAF
ESWC'10 Proceedings of the 7th international conference on The Semantic Web: research and Applications - Volume Part II
Privacy in the electronic society
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Bring efficient connotation expressible policies to trust management
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Weighted pushdown systems and trust-management systems
TACAS'06 Proceedings of the 12th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Dedalus: datalog in time and space
Datalog'10 Proceedings of the First international conference on Datalog Reloaded
Recent advances in declarative networking
PADL'12 Proceedings of the 14th international conference on Practical Aspects of Declarative Languages
Computers & Mathematics with Applications
Logical approaches to authorization policies
Logic Programs, Norms and Action
Efficient proving for practical distributed access-control systems
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
The need for application-aware access control evaluation
Proceedings of the 2012 workshop on New security paradigms
Declarative secure distributed information systems
Computer Languages, Systems and Structures
Automated analysis of rule-based access control policies
PLPV '13 Proceedings of the 7th workshop on Programming languages meets program verification
DKAL*: constructing executable specifications of authorization protocols
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Belief semantics of authorization logic
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
A formal distributed network monitoring approach for enhancing trust management systems
Proceedings of the Fifth International Conference on Management of Emergent Digital EcoSystems
Information flow in trust management systems
Journal of Computer Security - CSF 2010
| Hi-index | 0.00 |
Abstract: We introduce SD3, a trust management system consisting of a high-level policy language, a local policy evaluator, and a certificate retrieval system. A unique feature of SD3 is its certified evaluator: as the evaluator computes the answer to a query, it also computes a proof that the answer follows from the security policy. Before the answer is returned, the proof is passed through a simple checker, and incorrect proofs are reported as errors. The certified evaluator reduces the trusted computing base and greatly increases our confidence that the answers produced by the evaluator follow from the specification, despite complex optimizations. To illustrate SD3's capabilities, we show how to implement a secure name service, similar to DNSSEC, entirely in SD3.