Two semantics of trust management language with negation

• Autorzy: Felkner A.
• Języki publikacji: EN

Abstrakty

EN

The family of Role-based Trust management languages is used for representing security policies by defining a formalism, which uses credentials to handle trust in decentralized, distributed access control systems. A credential provides information about the privileges of users and the security policies issued by one or more trusted authorities. The main topic of this paper is RT⊖, a language which provides a carefully controlled form of non-monotonicity. The core part of the paper defines two different semantics of RT⊖ language – a relational, set-theoretic semantics for the language, and an inference system, which is a kind of operational semantics. The set-theoretic semantics maps roles to a set of entity names. In the operational semantics credentials can be derived from an initial set of credentials using a set of inference rules. The soundness and the completeness of the inference system with respect to the set-theoretic semantics of RT⊖ will be proven.

Słowa kluczowe

EN

access control; inference system; monotonicity; role-based trust management; set-theoretic semantics

• Wydawca: Instytut Łączności - Państwowy Instytut Badawczy
• Czasopismo: Journal of Telecommunications and Information Technology
• Rocznik: 2013
• Tom: nr 4
• Strony: 102--108
• Opis fizyczny: Bibliogr. 17 poz., tab.

Twórcy

autor

Felkner A.

• Research and Academic Computer Network (NASK), Warsaw, Poland

Bibliografia

• [1] M. R. Czenko et al., ”Nonmonotonic Trust Management for P2P Applications”, in Proc. 1st Int. Worksh. Secur. Trust Manag. STM 2005, Milan, Italy, 2005.
• [2] R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman, ”Role-based access control models”, IEEE Comp., vol. 29, pp. 38–47, 1996.
• [3] M. Blaze, J. Feigenbaum, and M. Strauss, ”Compliance checking in the PolicyMaker trust management system”, in Proc. 2nd Int. Conf. Financial Cryptogr., London, UK, 1998, pp. 254–274.
• [4] M. Blaze, J. Feigenbaum, and A. D. Keromytis, ”The role of trust management in distributed systems security” in Secure Internet Programming, J. Vitek, C. Damsgaard Jensen, Eds. London: Springer, 1999, pp. 185–210.
• [5] D. Clarke et al., ”Certificate chain discovery in SPKI/SDSI”, J. Comp. Secur., vol. 9, pp. 285–322, 2001.
• [6] P. Chapin, C. Skalka, and X. S. Wang, ”Authorization in trust management: Features and foundations”, ACM Comput. Surv., vol. 3, pp. 1–48, 2008.
• [7] M. R. Czenko, S. Etalle, D. Li, and W. H. Winsborough, ”An Introduction to the Role Based Trust Management Framework RT”, Tech. Rep. TR-CTIT-07-34, Centre for Telematics and Information Technology University of Twente, Enschede, The Netherlands, 2007.
• [8] N. Li, J. Mitchell, W. Winsborough, ”Design of a Role-Based Trust-Management Framework”, in Proc. IEEE Symp. Secur. Privacy, Oakland, CA, USA, 2002, pp. 114–130.
• [9] N. Li, W. Winsborough, and J. Mitchell, ”Distributed credential chain discovery in trust management”, J. Comput. Secur., vol. 11, no. 1, pp. 35–86, 2003.
• [10] D. Gorla, M. Hennessy, and V. Sassone, ”Inferring dynamic credentials for role-based trust management”, in Proc. 8th Conf. Princip. Pract. Declarat. Program. PPDP 2006, Venice, Italy, 2006. New York: ACM, 2006, pp. 213–224.
• [11] A. Felkner and K. Sacha, ”The semantics of role-based trust management languages”, in Advances in Software Engineering Techniques, T. Szmuc, M. Szpyrka, and J. Zendulka, Eds. LNCS, vol. 7054, pp. 179–189. Heidelberg: Springer, 2012.
• [12] A. Felkner and A. Kozakiewicz, ”RTT + – time validity constraints in RTT language”, J. Telecom. Inform. Technol., no. 2, pp. 74–82, 2012.
• [13] M. Blaze, J. Feigenbaum, and J. Lacy, ”Decentralized trust management”, in Proc. 17th IEEE Symp. Secur. Priv. S&P 1996, Oakland, CA, USA, 1996, pp. 164–173.
• [14] N. Li and C. Mitchell, “Understanding SPKI/SDSI using first-order logic”, Int. J. Inf. Secur., vol. 5, no. 1, pp. 48–64, 2006.
• [15] A. Felkner, “Zarządzanie zaufaniem oparte na rolach” (“Role-based Trust Management”), PhD Thesis, Faculty of Electronics and Information Technology, Warsaw University of Technology, 2009.
• [16] A. Felkner and A. Kozakiewicz, ”Time validity in role-based trust management inference system”, Sec. and Trust Comput., Data Manag., and Appl. Commun. in Comp. and Inform. Sci., vol. 187, pp. 7–15, 2011.
• [17] K. Lasota and A. Kozakiewicz, ”Model of user access control to virtual machines based on RT – family trust management language with temporal validity constrains – practical application”, J. Telecom. Inform. Technol., no. 3, pp. 13–21, 2012.