Design of a Role-Based Trust-Management Framework

S
SP
2002
2002 IEEE Symposium on Security and Privacy
Abstract - Design of a Role-Based Trust-Management Framework

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Ninghui Li Articles by John C. Mitchell Articles by William H. Winsborough

2002 IEEE Symposium on Security and Privacy

Berkeley, California

May 12-May 15

ISBN: 0-7695-1543-6

	ASCII Text	x
	Ninghui Li, John C. Mitchell, William H. Winsborough, "Design of a Role-Based Trust-Management Framework," Security and Privacy, IEEE Symposium on, pp. 114, 2002 IEEE Symposium on Security and Privacy, 2002.

	BibTex	x
	@article{ 10.1109/SECPRI.2002.1004366, author = {Ninghui Li and John C. Mitchell and William H. Winsborough}, title = {Design of a Role-Based Trust-Management Framework}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {2002}, issn = {1540-7993}, pages = {114}, doi = {http://doi.ieeecomputersociety.org/10.1109/SECPRI.2002.1004366}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - Design of a Role-Based Trust-Management Framework SN - 1540-7993 SP EP A1 - Ninghui Li, A1 - John C. Mitchell, A1 - William H. Winsborough, PY - 2002 KW - access control KW - trust management KW - role-based access control KW - distributed system security KW - attribute-based access control KW - attribute certificates VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

Ninghui Li, Stanford University

John C. Mitchell, Stanford University

William H. Winsborough, Network Associates, Inc.

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SECPRI.2002.1004366

We introduce the RT framework, a family of Role-based Trust-management languages for representing policies and credentials in distributed authorization. RT combines the strengths of role-based access control and trust-management systems and is especially suitable for attribute-based access control. Using a few simple credential forms, RT provides localized authority over roles, delegation in role definition, linked roles, and parameterized roles. RT also introduces manifold roles, which can be used to express threshold and separation-of-duty policies, and delegation of role activations. We formally define the semantics of credentials in the RT framework by presenting a translation from credentials to Datalog rules. This translation also shows that this semantics is algorithmically tractable.

Index Terms:

access control, trust management, role-based access control, distributed system security, attribute-based access control, attribute certificates

Citation:

Ninghui Li, John C. Mitchell, William H. Winsborough, "Design of a Role-Based Trust-Management Framework," sp, pp.114, 2002 IEEE Symposium on Security and Privacy, 2002

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.