Beyond Proof-of-compliance: Security Analysis in Trust Management
Author
NINGHUI LI, JOHN C. MITCHELL, WILLIAM H. WINSBOROUGH
Tech report number
CERIAS TR 2005-111
Abstract
Trust management is a form of distributed access control that allows one principal to delegate
some access decisions to other principals. While this makes trust management more flexible than
the access matrix model, it makes safety and security analysis more important. We show that in
contrast to the undecidability of classical HRU safety properties, our primary security properties
are decidable. In particular, most safety properties we study are decidable in polynomial time.
The computational complexity of containment analysis, the most complicated security property
we study, forms a complexity hierarchy based on the expressive power of the trust management
language.
Journal
Journal of the ACM
Key alpha
ccess control, trust management, distributed system security, logic Programs
School
Purdue University, Stanford University, George Mason University
Publication Date
2001-01-01
Keywords
Security, Theory, Languages, access control, trust management, distributed system security, logic programs