Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
Authentication in the Taos operating system
ACM Transactions on Computer Systems (TOCS) - Special issue on operating systems principles
Communications of the ACM
Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
End-to-end arguments in system design
ACM Transactions on Computer Systems (TOCS)
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Protection and the control of information sharing in multics
Communications of the ACM
Secrets & Lies: Digital Security in a Networked World
Secrets & Lies: Digital Security in a Networked World
ACM SIGOPS Operating Systems Review
Computer
Aligning Security and Usability
IEEE Security and Privacy
Risk Management of Corporate Confidential Information in Digital Form
COMPSAC '04 Proceedings of the 28th Annual International Computer Software and Applications Conference - Volume 01
Towards a unifying view on security contracts
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Access Control in a Core Calculus of Dependency
Electronic Notes in Theoretical Computer Science (ENTCS)
On the deployment of a real scalable delegation service
Information Security Tech. Report
Usage control platformization via trustworthy SELinux
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Variations in Access Control Logic
DEON '08 Proceedings of the 9th international conference on Deontic Logic in Computer Science
Strategic planning for the computer science security
WSEAS Transactions on Computers
A methodology to minimise excessively permissive security configurations
ACS'08 Proceedings of the 8th conference on Applied computer scince
De-anonymizing the internet using unreliable IDs
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
A modal deconstruction of access control logics
FOSSACS'08/ETAPS'08 Proceedings of the Theory and practice of software, 11th international conference on Foundations of software science and computational structures
Towards a theory of accountability and audit
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Preliminary security specification for New Zealand's igovt system
AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
Retaining sandbox containment despite bugs in privileged memory-safe code
Proceedings of the 17th ACM conference on Computer and communications security
Practical security for disconnected nodes
NPSEC'05 Proceedings of the First international conference on Secure network protocols
Searching the searchers with searchaudit
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
A tool-supported method for the design and implementation of secure distributed applications
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Joint network-host based malware detection using information-theoretic tools
Journal in Computer Virology
Secure business process model specification through a UML 2.0 activity diagram profile
Decision Support Systems
Audit mechanisms for privacy protection in healthcare environments
HealthSec'11 Proceedings of the 2nd USENIX conference on Health security and privacy
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Public-key cryptography and availability
SAFECOMP'05 Proceedings of the 24th international conference on Computer Safety, Reliability, and Security
Understanding and protecting privacy: formal semantics and principled audit mechanisms
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Portable tunnel establishment with a strong authentication design for secure private cloud
Proceedings of the 2012 ACM Research in Applied Computation Symposium
Speculations on the science of web user security
Computer Networks: The International Journal of Computer and Telecommunications Networking
Robust and flexible tunnel management for secure private cloud
ACM SIGAPP Applied Computing Review
Information security strategies: towards an organizational multi-strategy perspective
Journal of Intelligent Manufacturing
Hi-index | 4.10 |
Despite many computer security successes over the past 30 years, the security of the hundreds of millions of deployed computer systems remains terrible. A determined and competent attacker could destroy or steal most of the information on these systems. Even worse, an attacker could do this to millions of systems at once.The chain of trust offers a sound basis for securing systems by logging and auditing access control decisions. Principals with hierarchical names are especially important. A parent can delegate for all of its children. Rooting name spaces in keys avoids any need for a globally trusted root. The basic scheme can be varied as well by, for example, changing how it stores and transmits bytes, collects and summarizes evidence for links, expresses sets of statements, and structures compound principals.