Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management

S
SP
2003
2003 IEEE Symposium on Security and Privacy
Abstract - Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Ninghui Li Articles by William H. Winsborough Articles by John C. Mitchell

2003 IEEE Symposium on Security and Privacy

Berkeley, CA

May 11-May 14

ISBN: 0-7695-1940-7

	ASCII Text	x
	Ninghui Li, William H. Winsborough, John C. Mitchell, "Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management," Security and Privacy, IEEE Symposium on, pp. 123, 2003 IEEE Symposium on Security and Privacy, 2003.

	BibTex	x
	@article{ 10.1109/SECPRI.2003.1199332, author = {Ninghui Li and William H. Winsborough and John C. Mitchell}, title = {Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {2003}, issn = {1540-7993}, pages = {123}, doi = {http://doi.ieeecomputersociety.org/10.1109/SECPRI.2003.1199332}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management SN - 1540-7993 SP EP A1 - Ninghui Li, A1 - William H. Winsborough, A1 - John C. Mitchell, PY - 2003 KW - null VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

Ninghui Li, Stanford University

William H. Winsborough, Network Associates Laboratories

John C. Mitchell, Stanford University

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SECPRI.2003.1199332

Trust management is a form of distributed access control using distributed policy statements. Since one party may delegate partial control to another party, it is natural to ask what permissions may be granted as the result of policy changes by other parties. We study security properties such as safety and availability for a family of trust management languages, devising algorithms for deciding the possible consequences of certain changes in policy. While trust management is more powerful in certain ways than mechanisms in the access matrix model, and the security properties considered are more than simple safety, we find that in contrast to the classical HRU undecidability of safety properties, our primary security properties are decidable. In particular, most properties we studied are decidable in polynomial time. Containment, the most complicated security property we studied, is decidable in polynomial time for the simplest TM language in the family. The problem becomes coNP-hard when intersection or linked roles are added to the language.

Citation:

Ninghui Li, William H. Winsborough, John C. Mitchell, "Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management," sp, pp.123, 2003 IEEE Symposium on Security and Privacy, 2003

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.