Beyond proof-of-compliance: Security analysis in trust management

Journal of the ACM

Volumn 52, Issue 3, 2005, Pages 474-514

  Li, Ninghui ^a,d   Mitchell, John C ^b,e   Winsborough, William H ^c,f  

^a PURDUE UNIVERSITY   (United States)

^b STANFORD UNIVERSITY   (United States)

^c GEORGE MASON UNIVERSITY   (United States)

^d Purdue University   (United States)

^e Stanford University   (United States)

^f George Mason University   (United States)

Author keywords

Access control; Distributed system security; Logic programs; Safety analysis; Trust management

Indexed keywords

DISTRIBUTED ACCESS CONTROL; SAFETY ANALYSIS; TRUST MANAGEMENT;

COMPUTATIONAL COMPLEXITY; DECISION MAKING; DISTRIBUTED COMPUTER SYSTEMS; LOGIC PROGRAMMING; POLYNOMIALS;

SECURITY OF DATA;

EID: 30544438141     PISSN: 00045411     EISSN: 00045411     Source Type: Journal    
DOI: 10.1145/1066100.1066103     Document Type: Article

References (36)

1. ABADI, M. 1998. On SDSI's linked local name spaces. J. Compta. Sec. 6, 1-2, 3-21.
2. ABADI, M, BURROWS, M. LAMPSON, B., AND PLOTKIN, G. 1993. A calculus for access control in distributed systems. ACM Trans. Prag. Lang. Syst. 15, 4 (Oct.), 706-734.
3. APT, K. R., BLAIR, H. A., AND WALKER, A. 1988. Towards a theory of declarative knowledge. In Foundations of Deductive Databases and Logic Programming, J. Minker, Ed. Morgan Kaufmann, Los Altos, Calif., 89-148.
4. BLAZE, M., FEIGENBAUM, J., IOANNIDIS, J., AND KEROMYTIS, A. D. 1999a. The KeyNote trustmanagement system, version 2. IETF RFC 2704.
5. BLAZE, M., FEIGENBAUM, J., IOANNIDIS, J., AND KEROMYTIS, A. D. 1999b. The role of trust management in distributed systems. In Secure Internet Programming. Lecture Notes in Computer Science, vol. 1603. Springer-Verlag, New York, 185-210.
6. BLAZE, M., FEIGENBAUM, J., AND LACY, J. 1996. Decentralized trust management. In Proceedings of the 1996 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos, Calif., 164-173.
7. BOUAJJANI, A., ESPARZA, J., AND MALER, O. 1997. Reachability analysis of pushdown automata: Application to model-checking. In Proceedings of CONCUR'97. Lecture Notes in Computer Science, vol. 1256. Springer-Verlag, New York, 135-150.
8. CHANDER, A., DEAN, D., AND MITCHELL, J. C. 2001. A state-transition model of trust management and access control. In Proceedings of the 14th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, Los Alamitos, Calif., 27-43.
9. CLARKE, D., ELIEN, J.-E., ELLISON, C., FREDETTE, M., MORCOS, A., AND RFVEST, R. L. 2001. Certificate chain discovery in SPKI/SDSI. J. Comput. Sec. 9, 4, 285-322.
10. DOWLING, W. F., AND GALLIER, J. H. 1984. Linear-time algorithms for testing the satisfiability of propositional horn formulae. J. Logic Prog. 1, 3, 267-284.
11. ELLISON, C., FRANTZ, B., LAMPSON, B., RIVEST, R.,THOMAS, B., AND YLONEN, T. 1999. SPKIcertificate theory. IETF RFC 2693.
12. ESPARZA, J., HANSEL, D., ROSSMANITH, P., AND SCHWOON, S. 2000. Efficient algorithms for model checking pushdown systems. In Proceedings of the 12th International Conference on Computer Aided Verification (CAV 2000). Lecture Notes in Computer Science, vol. 1855. Springer-Verlag, New York, 232-247.
13. GAREY, M. R., AND JOHNSON, D. J. 1979. Computers And Intractability: A Guide to the Theory of NP-Completeness. W.H. Freeman and Company.
14. GRAHAM, G. S., AND DENNING, P. J. 1972. Protection -principles and practice. In Proceedings of the AFIPS Spring Joint Computer Conference. Vol. 40. AFIPS Press, 417-429.
15. GUNTER, C. A., AND JIM, T. 2000. Policy-directed certificate retrieval. Softw.: Practi. Expe. 30, 15 (Sept.), 1609-1640.
16. HALPERN, J., AND VAN DER MEYDEN, R. 2001. A logic for SDSI's linked local name spaces. J. Comput. Sec. 9, 1-2, 47-74.
17. HARRISON, M. A., Ruzzo, W. L., AND ULLMAN, J. D. 1976. Protection in operating systems. Communi. ACM 19, 8 (Aug.), 461-471.
18. HUNT, H. B., ROSENKRAMTZ, D. J., AND SZYMANSKI. 1976. On the equivalence, containment, and covering problems for the regular and context-free languages. J. Comput. Syst. sci. 12, 2 (April), 222-268.
19. JHA, S., AND REPS, T. 2002. Analysis of SPKI/SDSI certificates using model checking. In Proceedings of the 15th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, Los Alamitos, Calif., 129-144.
20. JIM, T. 2001. SD3: A trust management system with certified evaluation. In Proceedings of the 2001 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos, Calif., 106-115.
21. LAMPSON, B., ABADI, M., BURROWS, M., AND WOBBER, E. 1992. Authentication in distributed systems: Theory and practice. ACM Trans. Comput. Syst. 10, 4 (Nov.), 265-310.
22. LAMPSON, B. W. 1971. Protection. In Proceedings of the 5th Princeton Conference on Information Sciences and Systems
23. . (Reprinted in ACM Operating Systems Review, 8(1): 18-24, Jan. 1974.)
24. Li, N. 2000. Local names in SPKI/SDSI. In Proceedings of the 13th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, Los Alamitos Calif., 2-15.
25. LI, N., GROSOF, B. N., AND FEIGENBAUM, J. 2003. Delegation logic: A logic-based approach to distributed authorization. ACM Trans. Inf. Syst. Sec. 6, 1 (Feb.), 128-171.
26. Li, N., AND MITCHELL, J. C. 2003a. Datalog with constraints: A foundation for trust management languages. In Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages (PADL 2003). Lecture Notes in Computer Science, vol. 2562, Springer-Verlag, New York, 58-73.
27. Li, N., AND MITCHELL, J. C. 2003b. RT: A role-based trust-management framework. In The Third DARPA Information Survivability Conference and Exposition (DISCEX III). IEEE Computer Society Press, Los Alamitos, Calif.
28. LI, N., MITCHELL, J. C., AND WINSBOROUGH, W. H. 2002. Design of a role-based trust management framework. In Proceedings of the 2002 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos, Calif., 114-130.
29. Li, N., WINSBOROUGH, W. H., AND MITCHELL, J. C. 2003b. Distributed credential chain discovery in trust management. J. Comput. Sec. 11, 1 (Feb.), 35-86.
30. LIPTON, R. J., AND SNYDER, L. 1977. A linear time algorithm for deciding subject security. J. ACM 24, 3, 455-464.
31. LLOYD, J. W. 1987. Foundations of Logic Programming, Second Edition. Springer-Verlag, New York.
32. RIVEST, R. L., AND LAMPSON, B. 1996. SDSI-A simple distributed security infrastructure. Available at http://theory.lcs.mit.edu/~rivest/sdsill.html.
33. SANDHU, R. S. 1988. The schematic protection model: Its definition and analysis for acyclic attenuating systems. J. ACM 35, 2, 404-432.
34. SANDHU, R. S. 1992. The typed access matrix model. In Proceedings of the 1992 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos, Calif., 122-136.
35. SANDHU, R. S., COYNE, E. J., FEINSTEIN, H. L., AND YOUMAN, C. E. 1996. Role-based access control models. IEEE Comput. 29, 2 (Feb.), 38-47.
36. WEEKS, S. 2001. Understanding trust management systems. In Proceedings of 2001 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos, Calif., 94-105.