Datalog with Constraints: A Foundation for Trust Management Languages

  • Ninghui Li
  • John C. Mitchell
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2562)


Trust management (TM) is a promising approach for authorization and access control in distributed systems, based on signed distributed policy statements expressed in a policy language. Although several TM languages are semantically equivalent to subsets of Datalog, Datalog is not sufficiently expressive for fine-grained control of structured resources. We define the class of linearly decomposable unary constraint domains, prove that Datalog extended with constraints in any combination of such constraint domains is tractable, and show that permissions associated with structured resources fall into this class. We also present a concrete declarative TM language, RTC1, based on constraint Datalog, and use constraint Datalog to analyze another TM system, KeyNote, which turns out to be less expressive than RTC1 in significant respects, yet less tractable in the worst case. Although constraint Datalog has been studied in the context of constraint databases, TM applications involve different kinds of constraint domains and have different computational complexity requirements.





Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Ninghui Li (1)
  • John C. Mitchell (1)
  1. Department of Computer Science, Stanford University, Stanford, CA
