Concurrency control in distributed database systems
Concurrency control in distributed database systems
Understanding the limitations of causally and totally ordered communication
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Distributed snapshots: determining global states of distributed systems
ACM Transactions on Computer Systems (TOCS)
Consistent global states of distributed systems: fundamental concepts and mechanisms
Distributed systems (2nd Ed.)
Regulating service access and information release on the Web
Proceedings of the 7th ACM conference on Computer and communications security
Time, clocks, and the ordering of events in a distributed system
Communications of the ACM
Distributed Systems: Principles and Paradigms
Distributed Systems: Principles and Paradigms
COCA: A secure distributed online certification authority
ACM Transactions on Computer Systems (TOCS)
ACM Transactions on Information and System Security (TISSEC)
IEEE Internet Computing
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Towards Practical Automated Trust Negotiation
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Secrecy, authentication, and public key systems.
Secrecy, authentication, and public key systems.
Trust-X: A Peer-to-Peer Framework for Trust Establishment
IEEE Transactions on Knowledge and Data Engineering
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Distributed Proving in Access-Control Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Preventing attribute information leakage in automated trust negotiation
Proceedings of the 12th ACM conference on Computer and communications security
Automated trust negotiation using cryptographic credentials
Proceedings of the 12th ACM conference on Computer and communications security
PeerAccess: a logic for distributed authorization
Proceedings of the 12th ACM conference on Computer and communications security
Scalability in a secure distributed proof system
PERVASIVE'06 Proceedings of the 4th international conference on Pervasive Computing
Interactive credential negotiation for stateful business processes
iTrust'05 Proceedings of the Third international conference on Trust Management
Lightweight cnsistency enforcement schemes for distributed proofs with hidden subtrees
Proceedings of the 12th ACM symposium on Access control models and technologies
Enforcing Safety and Consistency Constraints in Policy-Based Authorization Systems
ACM Transactions on Information and System Security (TISSEC)
Stale-safe security properties for group-based secure information sharing
Proceedings of the 6th ACM workshop on Formal methods in security engineering
Identity-based long running negotiations
Proceedings of the 4th ACM workshop on Digital identity management
On the consistency of distributed proofs with hidden subtrees
ACM Transactions on Information and System Security (TISSEC)
ACConv -- An Access Control Model for Conversational Web Services
ACM Transactions on the Web (TWEB)
Integrating trust management and access control in data-intensive Web applications
ACM Transactions on the Web (TWEB)
| Hi-index | 0.00 |
In trust negotiation and other distributed proving systems, networked entities cooperate to form proofs that are justi?ed by collections of certi?ed attributes. These attributes may be obtained through interactions with any number of external entities and are collected and validated over an extended period of time. Though these collections of credentials in some ways resemble partial system snapshots,these systems currently lack the notion of a consistent global state in which the satisfaction of authorization policies should be checked. In this paper, we argue that unlike the notions of consistency studied in other areas of distributed computing, the level of consistency required during policy evaluation is predicated solely upon the security requirements of the policy evaluator. As such,there is little incentive for entities to participate in complicated consistency preservation schemes like those used in distributed computing,distributed databases, and distributed shared memory. We go on to show that the most intuitive notion of consistency fails to provide basic safety guarantees under certain circumstances and then propose several more refined notions of consistency which provide stronger safety guarantees. We provide algorithms that allow each of these re ?ned notions of consistency to be attained in practice with minimal overheads.