The Semantics of Role-Based Trust Management Languages

  • Anna Felkner
  • Krzysztof Sacha
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7054)

Abstract

Role-based Trust management (RT) languages are used for representing policies and credentials in decentralized, distributed access control systems. RT languages combine trust management and role-based access control features. A credential provides information about the keys, rights and qualifications from one or more trusted authorities. The paper presents a set-theoretic semantics of Role-based Trust management languages, which maps a role to a set of sets of entity names. The semantics applies not only to the basic language of the family RT 0, but also to a much more sophisticated RT T , which provides manifold roles and role-product operators to express threshold and separation-of-duty policies. A manifold role defines sets of entities whose cooperation satisfies the manifold role. It enables to express a such a condition, which need more than one member of a role to effectively fulfill the particular task.

Keywords

Access Control Trust Management Semantic Domain Threshold Policy Trust Management System 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proc. of the 17th IEEE Symposium on Security and Privacy, pp. 164–173. IEEE Computer Society Press, Oakland CA (1996)Google Scholar
  2. 2.
    Blaze, M., Feigenbaum, J., Keromytis, A.D.: The Role of Trust Management in Distributed Systems Security. In: Ryan, M. (ed.) Secure Internet Programming. LNCS, vol. 1603, pp. 185–210. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  3. 3.
    Chadwick, D., Otenko, A., Ball, E.: Role-Based Access Control with X.509 Attribute Certificates. IEEE Internet Comput. 2, 62–69 (2003)CrossRefGoogle Scholar
  4. 4.
    Chapin, P., Skalka, C., Wang, X.S.: Authorization in Trust Management: Features and Foundations. ACM Comput. Surv. 3, 1–48 (2008)CrossRefGoogle Scholar
  5. 5.
    Felkner, A.: Modeling Trust Mangement in Computer Systems. In: Proc. of the 9th Int. PhD Workshop OWD 2007, Conference Archives PTETiS, vol. 23, pp. 65–70 (2007)Google Scholar
  6. 6.
    Felkner, A.: Set-Theoretic Semantics of Role-Based Trust Management. In: Proc. of the 10th Int. PhD Workshop OWD 2008, Conference Archives PTETiS, vol. 25, pp. 567–572 (2008)Google Scholar
  7. 7.
    Ferraiolo, D.F., Kuhn, D.R.: Role-based Access Control. In: Proc. of the 15th National Computer Security Conference, pp. 554–563 (1992)Google Scholar
  8. 8.
    Ferraiolo, D.F., Sandhu, R.S., Gavrila, S.I., Kuhn, D.R., Chandramouli, R.: Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and System Security 3, 224–274 (2001)CrossRefGoogle Scholar
  9. 9.
    Gorla, D., Hennessy, M., Sassone, V.: Inferring Dynamic Credentials for Role-Based Trust Management. In: Proc. of the 8th ACM SIGPLAN Conference on Principles and Practice of Declarative Programming, pp. 213–224. ACM (2006)Google Scholar
  10. 10.
    Harel, D., Rumpe, B.: Modeling Languages: Syntax, Semantics and All That Stuff, Part I: The Basic Stuff. Weizmann Science Press of Israel, Jerusalem (2000)Google Scholar
  11. 11.
    Li, N., Mitchell, J.: RT: A Role-Based Trust-Management Framework. In: Proc. of the 3rd DARPA Information Survivability Conference and Exposition, pp. 201–212. IEEE Computer Society Press, Oakland CA (2003)Google Scholar
  12. 12.
    Li, N., Mitchell, J., Winsborough, W.: Design of a Role-Based Trust-Management Framework. In: Proc. of the IEEE Symposium on Security and Privacy, pp. 114–130. IEEE Computer Society Press, Oakland CA (2002)Google Scholar
  13. 13.
    Li, N., Winsborough, W., Mitchell, J.: Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management. In: Proc. of the IEEE Symposium on Security and Privacy, pp. 123–139. IEEE Computer Society Press, Oakland CA (2003)Google Scholar
  14. 14.
    Li, N., Winsborough, W., Mitchell, J.: Distributed Credential Chain Discovery in Trust Management. Journal of Computer Security 1, 35–86 (2003)CrossRefGoogle Scholar
  15. 15.
    Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-Based Access Control Models. IEEE Computer 2, 38–47 (1996)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Anna Felkner
    • 1
    • 2
  • Krzysztof Sacha
    • 1
  1. 1.Warsaw University of TechnologyWarszawaPoland
  2. 2.Research and Academic Computer NetworkWarszawaPoland

Personalised recommendations