Datalog with Constraints: A Foundation for Trust Management Languages
Trust management (TM) is a promising approach for authorization and access control in distributed systems, based on signed distributed policy statements expressed in a policy language. Although several TM languages are semantically equivalent to subsets of Datalog, Datalog is not sufficiently expressive for fine-grained control of structured resources. We define the class of linearly decomposable unary constraint domains, prove that Datalog extended with constraints in any combination of such constraint domains is tractable, and show that permissions associated with structured resources fall into this class. We also present a concrete declarative TM language, RTC1, based on constraint Datalog, and use constraint Datalog to analyze another TM system, KeyNote, which turns out to be less expressive than RTC1 in significant respects, yet less tractable in the worst case. Although constraint Datalog has been studied in the context of constraint databases, TM applications involve different kinds of constraint domains and have different computational complexity requirements.