The Center for Education and Research in Information Assurance and Security (CERIAS)

Beyond Proof-of-compliance: Security Analysis in Trust Management

Author

NINGHUI LI, JOHN C. MITCHELL, WILLIAM H. WINSBOROUGH

Tech report number

CERIAS TR 2005-111

Entry type

article

Abstract

Trust management is a form of distributed access control that allows one principal to delegate some access decisions to other principals. While this makes trust management more flexible than the access matrix model, it makes safety and security analysis more important. We show that in contrast to the undecidability of classical HRU safety properties, our primary security properties are decidable. In particular, most safety properties we study are decidable in polynomial time. The computational complexity of containment analysis, the most complicated security property we study, forms a complexity hierarchy based on the expressive power of the trust management language.

Journal

Journal of the ACM

Key alpha

access control, trust management, distributed system security, logic programs

School

Purdue University, Stanford University, George Mason University

Publication Date

2001-01-01

Keywords

Security, Theory, Languages, access control, trust management, distributed system security, logic programs
