Unified declarative platform for secure networked information systems

Proceedings - International Conference on Data Engineering

Volumn , Issue , 2009, Pages 150-161

  Zhou, Wenchao ^a   Mao, Yun ^a   Loo, Boon Thau ^a   Abadi, Martín ^b,c  

^a UNIVERSITY OF PENNSYLVANIA   (United States)

^b UNIVERSITY OF CALIFORNIA   (United States)

^c MICROSOFT RESEARCH   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

AUTHENTICATED COMMUNICATION; DATA ANALYSIS; DATALOG; DISTRIBUTED NETWORKS; DISTRIBUTED SYSTEMS; LOCAL CLUSTER; LOGIC-BASED LANGUAGES; NETWORK SECURITY ANALYSIS; NETWORKED INFORMATION SYSTEMS; NETWORKED SYSTEMS; PERFORMANCE STUDY; PLANETLAB; RECURSIVE QUERY PROCESSING; SECURE NETWORKS; SECURITY POLICY; TRUST MANAGEMENT SYSTEMS;

ACCESS CONTROL; INFORMATION SYSTEMS; INTERNET; LINGUISTICS; MANAGEMENT INFORMATION SYSTEMS; QUERY LANGUAGES; RECURSIVE FUNCTIONS; SECURITY SYSTEMS; XML;

NETWORK SECURITY;

EID: 67649635248     PISSN: 10844627     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICDE.2009.58     Document Type: Conference Paper

References (34)

1. P. Laskowski and J. Chuang, "Network monitors and contracting systems: Competition and innovation," in SIGCOMM, 2007.
2. S. Savage, D. Wetherall, A. Karlin, and T. Anderson, "Practical network support for IP traceback," in SIGCOMM, 2000.
3. Y. Xie, V. Sekar, M. Reiter, and H. Zhang, "Forensic analysis for epidemic attacks in federated networks," in ICNP, 2006.
4. T. Jim, "SD3: A Trust Management System With Certified Evaluation," in IEEE Symposium on Security and Privacy, May 2001.
5. N. Li, B. N. Grosof, and J. Feigenbaum, "Delegation Logic: A logicbased approach to distributed authorization," ACM TISSEC, Feb. 2003.
6. Moritz Y. Becker and Cedric Fournet and Andrew D. Gordon, "SecPAL: Design and Semantics of a Decentralized Authorization Language," Microsoft Research, Tech. Rep. MSR-TR-2006-120, 2006.
7. J. DeTreville, "Binder: A logic-based security language," in IEEE Symposium on Security and Privacy, 2002.
8. N. Li, W. H. Winsborough, and J. C. Mitchell, "Distributed credential chain discovery in trust management," Journal of Computer Security, vol. 11, no. 1, pp. 35-86, 2003.
9. M. Y. Becker and P. Sewell, "Cassandra: Distributed Access Control Policies with Tunable Expressiveness," in 5th IEEE International Workshop on Policies for Distributed Systems and Networks, 2004.
10. Boon Thau Loo et. al, "Declarative Routing: Extensible Routing with Declarative Queries," in SIGCOMM, 2005.
11. B. T. Loo, T. Condie, J. M. Hellerstein, P. Maniatis, T. Roscoe, and I. Stoica, "Implementing Declarative Overlays," in ACM SOSP, 2005.
12. Boon Thau Loo et. al., "Declarative Networking: Language, Execution and Optimization," in ACM SIGMOD, June 2006.
13. P. Buneman, S. Khanna, and W. C. Tan, "Why and where: A characterization of data provenance," in ICDT, 2001.
14. R. Ramakrishnan and J. D. Ullman, "A Survey of Research on Deductive Database Systems," Journal of Logic Programming, vol. 23, no. 2, pp. 125-149, 1993.
15. M. Abadi, "On Access Control, Data Integration and Their Languages," Computer Systems: Theory, Technology and Applications, A Tribute to Roger Needham, vol. Springer-Verlag, pp. 9-14, 2004.
16. I. Stoica, R. Morris, D. Karger, M. F. Kaashoek, and H. Balakrishnan, "Chord: A Scalable Peer-to-Peer Lookup Service for Internet Applications," in SIGCOMM, 2001.
17. R. Huebsch, J. M. Hellerstein, N. Lanham, B. T. Loo, S. Shenker, and I. Stoica, "Querying the Internet with PIER," in VLDB, 2003.
18. PlanetLab, "Global testbed," http://www.planet-lab.org/.
19. B. Lampson, M. Abadi, M. Burrows, and E. Wobber, "Authentication in Distributed Systems: Theory and Practice," ACM TOCS, 1992.
20. F. Bancilhon, D. Maier, Y. Sagiv, and J. Ullman, "Magic Sets and Other Strange Ways to Implement Logic Programs," in SIGMOD, 1986.
21. Y. Mao, B. T. Loo, Z. Ives, and J. M. Smith, "MOSAIC: Unified Platform for Dynamic Overlay Selection and Composition," University of Pennsylvania CIS Technical Report No. MS-CIS-08-21, 2008.
22. Secure BGP, http://www.ir.bbn.com/sbgp/.
23. M. Castro, P. Drushel, A. Ganesh, A. Rowstron, and D. Wallach, "Secure Routing for Structured Peer-to-peer Overlay Networks," in OSDI, 2002.
24. E. Kohler, R. Morris, B. Chen, J. Jannotti, and M. F. Kaashoek, "The Click Modular Router," ACM TOCS, vol. 18(3), 2000.
25. Daniel J. Abadi et. al., "The Design of the Borealis Stream Processing Engine," in CIDR, 2005.
26. K. Minami and D. Kotz, "Secure context-sensitive authorization," in PERCOM, 2005.
27. T. J. Green, G. Karvounarakis, and V. Tannen, "Provenance semirings," in ACM Symposium on Principles of Database Systems, 2007.
28. H. Balakrishnan, M. F. Kaashoek, D. Karger, R. Morris, and I. Stoica, "Looking Up Data in P2P Systems," Communications of the ACM, Vol. 46, No. 2, 2003.
29. M. Abadi and B. T. Loo, "Towards a Language and System for Secure Networking," in NetDB, 2007.
30. W. Zhou, E. Cronin, and B. T. Loo, "Provenance-aware Secure Networks," in NetDB, 2008.
31. R. V. Nehme, E. A. Rundensteiner, and E. Bertino, "A security punctuation framework for enforcing access control on streaming data," in ICDE, 2008.
32. Barbara Carminati and Elena Ferrari and Kian-Lee Tan, "Specifying Access Control Policies on Data Streams," in DASFAA, 2007.
33. M. Abadi and B. Blanchet, "Analyzing security protocols with secrecy types and logic programs," in POPL, 2002.
34. S. Raman and S. McCanne, "A model, analysis, and protocol framework for soft state-based communication," in SIGCOMM, 1999.