Efficient Proving for Practical Distributed Access-Control Systems

  • Lujo Bauer
  • Scott Garriss
  • Michael K. Reiter
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4734)

Abstract

We present a new technique for generating a formal proof that an access request satisfies access-control policy, for use in logic-based access-control frameworks. Our approach is tailored to settings where credentials needed to complete a proof might need to be obtained from, or reactively created by, distant components in a distributed system. In such contexts, our approach substantially improves upon previous proposals in both computation and communication costs, and better guides users to create the most appropriate credentials in those cases where needed credentials do not yet exist. At the same time, our strategy offers strictly superior proving ability, in the sense that it finds a proof in every case that previous approaches would (and more). We detail our method and evaluate an implementation of it using both policies in active use in an access-control testbed at our institution and larger policies indicative of a widespread deployment.
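The abstract talks about goal-directed proving in a logic-based access-control framework where some credentials sit on remote components and some do not exist yet. The block below is an added illustration of that setting, not the paper's technique or code: a tiny "says" logic with two inference rules (a principal's own `open` credential, or a `delegate` credential plus a sub-proof by the delegatee), a credential store partitioned by issuer so that consulting another issuer counts as a remote fetch, and, when the proof fails, an enumeration of the credentials whose creation would complete it. The credential format, the two rules, and every principal and resource name are assumptions made for the example.

```python
"""Goal-directed proof search over a small 'says' authorization logic.

Added illustration only: this is not the paper's algorithm. The credential
format, the two inference rules and all principal/resource names are assumed.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# Two statement kinds are modelled:
#   ("open", resource, principal)  -> issuer says principal may open resource
#   ("delegate", resource, other)  -> issuer trusts other's "open" statements on resource
Stmt = Tuple[str, str, str]


@dataclass(frozen=True)
class Credential:
    issuer: str   # principal whose signature would back the statement
    stmt: Stmt


class CredentialStore:
    """Credentials live with their issuer (standing in for components of a
    distributed system); asking a non-local issuer counts as a remote fetch."""

    def __init__(self, creds: List[Credential]):
        self.by_issuer: Dict[str, List[Credential]] = {}
        for c in creds:
            self.by_issuer.setdefault(c.issuer, []).append(c)
        self.remote_fetches = 0

    def issued_by(self, issuer: str, local: str) -> List[Credential]:
        if issuer != local:
            self.remote_fetches += 1
        return self.by_issuer.get(issuer, [])


class Prover:
    def __init__(self, store: CredentialStore, local: str):
        self.store = store
        self.local = local
        self.cache: Dict[str, List[Credential]] = {}  # at most one fetch per issuer

    def creds(self, issuer: str) -> List[Credential]:
        if issuer not in self.cache:
            self.cache[issuer] = self.store.issued_by(issuer, self.local)
        return self.cache[issuer]

    def prove(self, issuer: str, resource: str, principal: str,
              seen: Optional[Set[str]] = None) -> Optional[List[Credential]]:
        """Backward chaining for the goal `issuer says open(resource, principal)`.
        Returns the credentials forming the proof, or None if none is found."""
        seen = (seen or set()) | {issuer}
        for c in self.creds(issuer):
            kind, res, who = c.stmt
            if res != resource:
                continue
            if kind == "open" and who == principal:
                return [c]                      # rule 1: direct credential
            if kind == "delegate" and who not in seen:   # `seen` breaks delegation cycles
                sub = self.prove(who, resource, principal, seen)
                if sub is not None:
                    return [c] + sub            # rule 2: delegation plus sub-proof
        return None

    def missing(self, issuer: str, resource: str, principal: str) -> List[Credential]:
        """After a failed proof: every principal reachable from `issuer` by
        delegation on `resource` could issue open(resource, principal).
        Only credentials already fetched during proving are consulted."""
        out: List[Credential] = []
        seen: Set[str] = set()
        frontier = [issuer]
        while frontier:
            k = frontier.pop(0)
            if k in seen:
                continue
            seen.add(k)
            out.append(Credential(k, ("open", resource, principal)))
            for c in self.creds(k):
                kind, res, who = c.stmt
                if kind == "delegate" and res == resource:
                    frontier.append(who)
        return out


# Constructed sample policy: owner -> dept_head -> manager -> alice, plus a
# delegation cycle (manager -> owner) to exercise the cycle check.
SAMPLE = [
    Credential("owner", ("delegate", "door", "dept_head")),
    Credential("dept_head", ("delegate", "door", "manager")),
    Credential("manager", ("open", "door", "alice")),
    Credential("manager", ("delegate", "door", "owner")),
]


def prove_access(principal: str):
    """Prove `owner says open(door, principal)` from the owner's node. Returns
    (proof, remote fetches, issuers who could create a completing credential)."""
    store = CredentialStore(SAMPLE)
    p = Prover(store, local="owner")
    proof = p.prove("owner", "door", principal)
    needed = [] if proof else [c.issuer for c in p.missing("owner", "door", principal)]
    return proof, store.remote_fetches, needed


if __name__ == "__main__":
    for who in ("alice", "bob"):
        proof, fetches, needed = prove_access(who)
        print(who, [c.issuer for c in proof] if proof else None, fetches, needed)
```

For `alice` the search walks the delegation chain, contacting two remote issuers, and returns a three-credential proof. For `bob` no proof exists; the prover instead lists the three principals any one of whom could issue the credential that would complete it. Which of those candidates a user should be steered toward, and how to avoid re-fetching and re-deriving across requests, is exactly the kind of question the paper addresses; this example only shows the shape of the problem.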

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Lujo Bauer, Carnegie Mellon University
  • Scott Garriss, Carnegie Mellon University
  • Michael K. Reiter, University of North Carolina at Chapel Hill