Trust management services in relational databases

Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, ASIACCS '07

Volumn , Issue , 2007, Pages 149-160

  De Capitani Di Vimercati, Sabrina ^a   Jajodia, Sushil ^b   Paraboschi, Stefano ^c   Samarati, Pierangela ^a  

^a UNIVERSITY OF MILAN   (Italy)

^b GEORGE MASON UNIVERSITY   (United States)

^c UNIVERSITY OF BERGAMO   (Italy)

Author keywords

Access control; Credentials; Relational DBMS; Trust

Indexed keywords

MATHEMATICAL MODELS; OPEN SYSTEMS; RELATIONAL DATABASE SYSTEMS;

TRUST MANAGEMENT MODELS; TRUST MANAGEMENT SERVICES;

ACCESS CONTROL;

EID: 34748852515     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1229285.1229308     Document Type: Conference Paper

References (19)

1. C. Ardagna, E. Damiani, S. De Capitani di Vimercati, S. Foresti, and P. Samarati. Trust management. In Security, Privacy and Trust in Modern Data Management. Springer, 2006.
2. M. Blaze, J. Feigenbaum, J. Ioannidis, and A. Keromytis. The KeyNote Trust Management System (Version 2), internet rfc 2704 edition, 1999.
3. M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In Proc. of the 17th Symposium on Security and Privacy, Oakland, California, USA, May 1996.
4. P. Bonatti and P. Samarati. A unified framework for regulating access and information release on the web. Journal of Computer Security, 10(3):241-272, 2002.
5. Y. Chu, J. Feigenbaum, B. LaMacchia, P. Resnick, and M. Strauss. REFEREE: Trust management for web applications. The World Wide Web Journal, 2(3):127-139, 1997.
6. Database language SQL - part 2: Foundation (SQL/foundation). ISO International Standard, ISO/IEC 9075:1999, 1999.
7. S. De Capitani di Vimercati, S. Foresti, S. Jajodia, and P. Samarati. Access control policies and languages in open environments. In Security in Decentralized Data Management. Springer, 2006.
8. C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen. SPKI certificate theory. RFC2693, September 1999.
9. R. Housley, W. Ford, W. Polk, and D. Solo. Internet X. 509 Public Key Infrastructure Certificate and CRL Profile, rfc 2459 edition, January 1999. http://www.ietf.org/rfc/rfc2459.txt.
10. K. Irwin and T. Yu. Preventing attribute information leakage in automated trust negotiation. In Proc. of the 12th ACM CCS, Alexandria, VA, USA, Nov. 2005.
11. N. Li, J. Mitchell, and W. Winsborough. Beyond proof-of-compliance: Security analysis in trust management. Journal of the ACM, 52(3):474-514, May 2005.
12. N. Li, W. Winsborough, and J. Mitchell. Distributed credential chain discovery in trust management. Journal of Computer Security, 11(1):35-86, February 2003.
13. J. Ni, N. Li, and W. Winsborough. Automated trust negotiation using cryptographic credentials. In Proc. of the 12th ACM CCS, Alexandria, VA, USA, Nov. 2005.
14. P. Samarati and S. De Capitani di Vimercati. Access control: Policies, models, and mechanisms. In R. Focardi and R. Gorrieri, editors, Foundations of Security Analysis and Design, LNCS 2171. Springer-Verlag, 2001.
15. L. Wang, D. Wijesekera, and S. Jajodia. A logic-based framework for attribute based access control. In Proc. of the 2004 ACM Workshop on Formal Methods in Security Engineering, Washington DC, USA, October 2004.
16. J. Warner, V. Atluri, and R. Mukkamala. An attribute graph based approach to map local access control policies to credential based access control policies. In Proc. of the International Conference on Information Systems Security (ICISS 2005), Kolkata, India, December 2005.
17. M. Winslett, N. Ching, V. Jones, and I. Slepchin. Using digital credentials on the World-Wide Web. Journal of Computer Security, 1997.
18. T. Yu and M. Winslett. A unified scheme for resource protection in automated trust negotiation. In Proc. of the IEEE Symposium on Security and Privacy, Oakland, CA, USA, May 2003.
19. T. Yu, M. Winslett, and K. Seamons. Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Transactions on Information and System Security, 6(1):1-42, February 2003.