Abstract
Role-based Trust management (RT) languages are used for representing policies and credentials in decentralized, distributed access control systems. RT languages combine trust management and role-based access control features. A credential provides information about the keys, rights and qualifications from one or more trusted authorities. The paper presents a set-theoretic semantics of Role-based Trust management languages, which maps a role to a set of sets of entity names. The semantics applies not only to the basic language of the family RT 0, but also to a much more sophisticated RT T, which provides manifold roles and role-product operators to express threshold and separation-of-duty policies. A manifold role defines sets of entities whose cooperation satisfies the manifold role. It enables to express a such a condition, which need more than one member of a role to effectively fulfill the particular task.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proc. of the 17th IEEE Symposium on Security and Privacy, pp. 164–173. IEEE Computer Society Press, Oakland CA (1996)
Blaze, M., Feigenbaum, J., Keromytis, A.D.: The Role of Trust Management in Distributed Systems Security. In: Ryan, M. (ed.) Secure Internet Programming. LNCS, vol. 1603, pp. 185–210. Springer, Heidelberg (1999)
Chadwick, D., Otenko, A., Ball, E.: Role-Based Access Control with X.509 Attribute Certificates. IEEE Internet Comput. 2, 62–69 (2003)
Chapin, P., Skalka, C., Wang, X.S.: Authorization in Trust Management: Features and Foundations. ACM Comput. Surv. 3, 1–48 (2008)
Felkner, A.: Modeling Trust Mangement in Computer Systems. In: Proc. of the 9th Int. PhD Workshop OWD 2007, Conference Archives PTETiS, vol. 23, pp. 65–70 (2007)
Felkner, A.: Set-Theoretic Semantics of Role-Based Trust Management. In: Proc. of the 10th Int. PhD Workshop OWD 2008, Conference Archives PTETiS, vol. 25, pp. 567–572 (2008)
Ferraiolo, D.F., Kuhn, D.R.: Role-based Access Control. In: Proc. of the 15th National Computer Security Conference, pp. 554–563 (1992)
Ferraiolo, D.F., Sandhu, R.S., Gavrila, S.I., Kuhn, D.R., Chandramouli, R.: Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and System Security 3, 224–274 (2001)
Gorla, D., Hennessy, M., Sassone, V.: Inferring Dynamic Credentials for Role-Based Trust Management. In: Proc. of the 8th ACM SIGPLAN Conference on Principles and Practice of Declarative Programming, pp. 213–224. ACM (2006)
Harel, D., Rumpe, B.: Modeling Languages: Syntax, Semantics and All That Stuff, Part I: The Basic Stuff. Weizmann Science Press of Israel, Jerusalem (2000)
Li, N., Mitchell, J.: RT: A Role-Based Trust-Management Framework. In: Proc. of the 3rd DARPA Information Survivability Conference and Exposition, pp. 201–212. IEEE Computer Society Press, Oakland CA (2003)
Li, N., Mitchell, J., Winsborough, W.: Design of a Role-Based Trust-Management Framework. In: Proc. of the IEEE Symposium on Security and Privacy, pp. 114–130. IEEE Computer Society Press, Oakland CA (2002)
Li, N., Winsborough, W., Mitchell, J.: Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management. In: Proc. of the IEEE Symposium on Security and Privacy, pp. 123–139. IEEE Computer Society Press, Oakland CA (2003)
Li, N., Winsborough, W., Mitchell, J.: Distributed Credential Chain Discovery in Trust Management. Journal of Computer Security 1, 35–86 (2003)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-Based Access Control Models. IEEE Computer 2, 38–47 (1996)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Felkner, A., Sacha, K. (2012). The Semantics of Role-Based Trust Management Languages. In: Szmuc, T., Szpyrka, M., Zendulka, J. (eds) Advances in Software Engineering Techniques. CEE-SET 2009. Lecture Notes in Computer Science, vol 7054. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28038-2_14
Download citation
DOI: https://doi.org/10.1007/978-3-642-28038-2_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28037-5
Online ISBN: 978-3-642-28038-2
eBook Packages: Computer ScienceComputer Science (R0)