Using trust and risk in role-based access control policies

Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002)

Volumn 9, Issue , 2004, Pages 156-162

  Dimmock, Nathan ^a   Belokosztolszki, András ^a   Eyers, David ^a   Bacon, Jean ^a   Moody, Ken ^a  

^a UNIVERSITY OF CAMBRIDGE   (United Kingdom)

Author keywords

Access Control; OASIS; Risk; SECURE; Trust

Indexed keywords

ALGORITHMS; COMMUNICATION SYSTEMS; COMPUTER OPERATING SYSTEMS; HIERARCHICAL SYSTEMS; INFORMATION MANAGEMENT; PARAMETER ESTIMATION; PUBLIC POLICY; QUALITY CONTROL; RELIABILITY; RISK MANAGEMENT;

ACCESS CONTROL; OASIS; RISK; SECURE; TRUST;

SECURITY OF DATA;

EID: 4143058053     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/990036.990062     Document Type: Conference Paper

References (19)

1. Alfarez Abdul-Rahman and Stephen Halles. Supporting trust in virtual communities. In Hawaii International Conference on System Sciences 33, pages 1769-1777, 2000.
2. Karl Aberer and Zoran Despotovic. Managing trust in a peer-2-peer information system. In Proceedings of the Tenth International Conference on Information and Knowledge Management(CIKM01), pages 310-317. ACM Press, November 2001.
3. Ashton Applewhite. Getting the Grid. IEEE Distributed Systems Online, May 2002.
4. Jean Bacon, Ken Moody, and Walt Yao. Access control and trust in the use of widely distributed services. In Middleware 2001, volume 2218, pages 300-315, November 2001.
5. Jean Bacon, Ken Moody, and Walt Yao. A model of OASIS role-based access control and its support for active security. ACM Transactions on Information and System Security (TISSEC), 5(4):492-540, November 2002.
6. Matt Blaze, Joan Feigenbaum, and Jack Lacy. Decentralized trust management. In Proc. IEEE Conference on Security and Privacy. AT&T, May 1996.
7. Marco Carbone, Mogens Nielsen, and Vladimiro Sassone. A formal model for trust in dynamic networks. Research Series RS-03-04, BRICS, Department of Computer Science, University of Aarhus, January 2003. EU Project SECURE IST-2001-32486 Deliverable 1.1.
8. Nathan Dimmock. How much is 'enough'? Risk in trust-based access control. In IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises -Enterprise Security, pages 281-282, June 2003.
9. Tyrone Grandison and Morris Sloman. A survey of trust in internet applications. IEEE Communications Society, Surveys and Tutorials, 3(4), 2000.
10. ISO/IEC JTC1/SC22 Working Group. ISO/IEC 9899 - Programming languages - C, 1999.
11. Audun Jøsang. A logic for uncertain probabilities. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 9(9), June 2001.
12. Audun Jøsang, Elizabeth Gray, and Michael Kinateder. Analysing topologies of transitive trust. In Proceedings of the Workshop of Formal Aspects of Security and Trust (FAST), September 2003.
13. Lalana Kagal, Tim Finin, and Anupam Joshi, Trust-based security in pervasive computing environments. IEEE Computer, pages 154-157, DEC 2001.
14. Ninghui Li, John C. Mitchell, and William H. Winsborough. Design of a role-based trust management framework. In 2002 IEEE Symposium on Security and Privacy, pages 114-131. IEEE, May 2002.
15. Jean-Marc Seigneur, Stephen Farrell, Christian Damsgaard Jensen, Elizabeth Gray, and Chen Yong. End-to-end trust in pervasive computing starts with recognition. In Proceedings of the First International Conference on Security in Pervasive Computing, 2003.
16. Li Xiong and Ling Liu. Building trust in decentralized peer-to-peer electronic communities. In The 5th International Conference on Electronic Commerce Research, October 2002.
17. Walt Teh-Ming Yao. Fidelis: A policy-driven trust management framework. In Proc. of the 1st Intem'l Conf. on Trust Management, number 2692 in LNCS. Springer-Verlag, May 2003.
18. Bin Yu and Munindar P. Singh. An evidential model of distributed reputation management, In 1st Intern'l Joint Conf. on Autonomous Agents and MultiAgent Systems. ACM, July 2002.
19. Yuhui Zhong and Bharat Bhargava. Authorization based on evidence and trust. In Yahiko Kambayashi, Werner Winiwarter, and Masatoshi Arikawa, editors, Data Warehousing and Knowledge Discovery(DaWaK 2002), 4th International Conference, volume 2454 of Lecture Notes in Computer Science, pages 94-103. Springer, 2002.