Deriving RTT credentials for role-based trust management

• Autorzy: Felkner A. , Sacha K.
• Języki publikacji: EN

Abstrakty

EN

Role-based trust management languages define a formalism, which uses credentials to handle trust in decentralized, distributed access control systems. A credential provides information about the privileges of users and the security policies issued by one or more trusted authorities. The main topic of this paper is RTT , a language which supports manifold roles and role-product operators to express threshold and separation of duties policies. The core part of the paper defines a relational, set-theoretic semantics for the language, and introduces a deductive system, in which credentials can be derived from an initial set of credentials using a set of inference rules. The soundness and the completeness of the deductive system with respect to the semantics of RTT is proved.

Słowa kluczowe

EN

Mandatory Access Control (MAC); Discretionary Access Control (DAC); RTT

• Wydawca: Oficyna Wydawnicza Politechniki Wrocławskiej
• Czasopismo: e-Informatica Software Engineering Journal
• Rocznik: 2010
• Tom: Vol. 4, nr 1
• Strony: 9--19
• Opis fizyczny: Bibliogr. 14 poz.

Twórcy

autor

Felkner A.

autor

Sacha K.

• Research and Academic Computer Network Warsaw University of Technology

Bibliografia

• [1] M. Blaze, J. Feigenbaum, J. Ioannidis, and A. Keromytis. The role of trust management in distributed systems security. In Secure Internet Programming, pages 185–210. 1999.
• [2] M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In Proceedings of the IEEE Conference on Security and Privacy, pages 164–173, 1996.
• [3] M. Blaze, J. Feigenbaum, and M. Strauss. Compliance checking in the PolicyMaker trust management system. In Financial Cryptography, pages 1439–1456, 1998.
• [4] D. Clarke, J. E. Elienb, C. Ellison, M. Fredette, A. Morcos, and R. L. Rivest. Certificate chain discovery in SPKI/SDSI. Journal of Computer Security, 9(4):285–322, 2001.
• [5] A. Felkner and K. Sacha. The semantics of role-based trust management languages. In Proc. Central and Eastern European Conference on Software Engineering Techniques CEE-SET, pages 195–206, 2009.
• [6] D. Ferraiolo and D. Kuhn. Role-based access control. In Proc. 15th National Computer Security Conference, pages 554–563, 1992.
• [7] D. F. Ferraiolo, R. Sandhu, S. Gavrila, D. R. Kuhn, and R. Chandramouli. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security (TISSEC), 4(3):224–274, 2001.
• [8] D. Gorla, M. Hennessy, and V. Sassone. Inferring dynamic credentials for role-based trust management. In Proceedings of the 8th ACM SIGPLAN international conference on Principles and practice of declarative programming, page 224, 2006.
• [9] W. M. Grudzewski, I. K. Hejduk, A. Sankowska, and M. Wantuchowicz. Trust Management in Virtual Work Environments: A Human Factors Perspective. CRC Press, 2008.
• [10] D. Harel and B. Rumpe. Modeling languages: Syntax, semantics and all that stu. 2000.
• [11] N. Li and J. Mitchell. RT: a role-based trust-management framework. In Proc. 3rd DARPA Information Survivability Conference Deriving RTT Credentials for Role-Based Trust Management 19 and Exposition, pages 201–212. IEEE Computer Society Press, 2003.
• [12] N. Li, J. C. Mitchell, and W. H. Winsborough. Design of a role-based trust-management framework.In Proceedings of 2002 IEEE Symposium on Security and Privacy, pages 114–130, Oakland CA, 2002. IEEE Computer Society Press.
• [13] N. Li, W. H. Winsborough, and J. C. Mitchell. Distributed credential chain discovery in trust management. Journal of Computer Security, 11(1):35–86, 2003.
• [14] R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. Computer, 29(2):38–47, 1996.