Foundations of logic programming; (2nd extended ed.)
Foundations of logic programming; (2nd extended ed.)
The schematic protection model: its definition and analysis for acyclic attenuating schemes
Journal of the ACM (JACM)
Towards a theory of declarative knowledge
Foundations of deductive databases and logic programming
Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Role-Based Access Control Models
Computer
A Linear Time Algorithm for Deciding Subject Security
Journal of the ACM (JACM)
On SDSI's linked local name spaces
Journal of Computer Security
Protection in operating systems
Communications of the ACM
Policy-directed certificate retrieval
Software—Practice & Experience
A logic for SDSI's linked local name spaces
Journal of Computer Security
Certificate chain discovery in SPKI?SDSI
Journal of Computer Security
Computers and Intractability: A Guide to the Theory of NP-Completeness
Computers and Intractability: A Guide to the Theory of NP-Completeness
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
DATALOG with Constraints: A Foundation for Trust Management Languages
PADL '03 Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages
Reachability Analysis of Pushdown Automata: Application to Model-Checking
CONCUR '97 Proceedings of the 8th International Conference on Concurrency Theory
Efficient Algorithms for Model Checking Pushdown Systems
CAV '00 Proceedings of the 12th International Conference on Computer Aided Verification
Distributed credential chain discovery in trust management
Journal of Computer Security
ACM SIGOPS Operating Systems Review
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Analysis of SPKI/SDSI Certificates Using Model Checking
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A State-Transition Model of Trust Management and Access Control
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Understanding Trust Management Systems
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Integrity constraints in trust management
Proceedings of the tenth ACM symposium on Access control models and technologies
Methods and limitations of security policy reconciliation
ACM Transactions on Information and System Security (TISSEC)
Resiliency policies in access control
Proceedings of the 13th ACM conference on Computer and communications security
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
Trust management services in relational databases
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Secure resource sharing on cross-organization collaboration using a novel trust method
Robotics and Computer-Integrated Manufacturing
Engineering Trust Management into Software Models
MISE '07 Proceedings of the International Workshop on Modeling in Software Engineering
An End-To-End Approach to Distributed Policy Language Implementation
Electronic Notes in Theoretical Computer Science (ENTCS)
On the Decidability of the Safety Problem for Access Control Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
Efficient policy analysis for administrative role based access control
Proceedings of the 14th ACM conference on Computer and communications security
Information and Computation
Role-based trust management security policy analysis and correction environment (RT-SPACE)
Companion of the 30th international conference on Software engineering
A theory for comparing the expressive power of access control models
Journal of Computer Security
ROWLBAC: representing role based access control in OWL
Proceedings of the 13th ACM symposium on Access control models and technologies
Authorization in trust management: Features and foundations
ACM Computing Surveys (CSUR)
Toward practical analysis for trust management policy
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Dynamics, Robustness and Fragility of Trust
Formal Aspects in Security and Trust
Formal Aspects in Security and Trust
Towards a dynamic and composable model of trust
Proceedings of the 14th ACM symposium on Access control models and technologies
Maintaining control while delegating trust: Integrity constraints in trust management
ACM Transactions on Information and System Security (TISSEC)
Specification and Enforcement of Static Separation-of-Duty Policies in Usage Control
ISC '09 Proceedings of the 12th International Conference on Information Security
Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
Effective trust management through a hybrid logical and relational approach
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
A modal deconstruction of access control logics
FOSSACS'08/ETAPS'08 Proceedings of the Theory and practice of software, 11th international conference on Foundations of software science and computational structures
A logic for state-modifying authorization policies
ACM Transactions on Information and System Security (TISSEC)
A privacy preservation model for facebook-style social network systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Dynamic policy based model for trust based access control in P2P applications
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Towards automatic update of access control policy
LISA'10 Proceedings of the 24th international conference on Large installation system administration
ABUSE: PKI for real-world email trust
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Quantifying and qualifying trust: spectral decomposition of trust networks
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
An authorization scheme for version control systems
Proceedings of the 16th ACM symposium on Access control models and technologies
Refinement of history-based policies
Logic programming, knowledge representation, and nonmonotonic reasoning
Policy analysis for Administrative Role-Based Access Control
Theoretical Computer Science
Automatic error finding in access-control policies
Proceedings of the 18th ACM conference on Computer and communications security
Specifying and reasoning about dynamic access-control policies
IJCAR'06 Proceedings of the Third international joint conference on Automated Reasoning
Security analysis and validation for access control in multi-domain environment based on risk
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
Privacy in the electronic society
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Bring efficient connotation expressible policies to trust management
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Integrating trust management and access control in data-intensive Web applications
ACM Transactions on the Web (TWEB)
A new RBAC based access control model for cloud computing
GPC'12 Proceedings of the 7th international conference on Advances in Grid and Pervasive Computing
A logic for state-modifying authorization policies
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
The need for application-aware access control evaluation
Proceedings of the 2012 workshop on New security paradigms
Mohawk: Abstraction-Refinement and Bound-Estimation for Verifying Access Control Policies
ACM Transactions on Information and System Security (TISSEC)
Reachability analysis for role-based administration of attributes
Proceedings of the 2013 ACM workshop on Digital identity management
A trustworthiness evaluation method for wireless sensor nodes based on d-s evidence theory
WASA'13 Proceedings of the 8th international conference on Wireless Algorithms, Systems, and Applications
Formal verification of security properties in trust management policy
Journal of Computer Security
Policy-driven role-based access management for ad-hoc collaboration
Journal of Computer Security
| Hi-index | 0.01 |
Trust management is a form of distributed access control that allows one principal to delegate some access decisions to other principals. While the use of delegation greatly enhances flexibility and scalability, it may also reduce the control that a principal has over the resources it owns. Security analysis asks whether safety, availability, and other properties can be maintained while delegating to partially trusted principals. We show that in contrast to the undecidability of classical Harrison--Ruzzo--Ullman safety properties, our primary security properties are decidable. In particular, most security properties we study are decidable in polynomial time. The computational complexity of containment analysis, the most complicated security property we study, varies according to the expressive power of the trust management language.