Article

Design of a Role-Based Trust-Management Framework

Authors:

Ninghui Li,

John C. Mitchell,

William H. WinsboroughAuthors Info & Claims

SP '02: Proceedings of the 2002 IEEE Symposium on Security and Privacy

Page 114

Published: 12 May 2002 Publication History

Publisher Site

Abstract

We introduce the RT framework, a family of Role-based Trust-managementlanguages for representing policies and credentials in distributedauthorization. RT combines the strengths of role-based access controland trust-management systems and is especially suitable forattribute-based access control. Using a few simple credential forms, RTprovides localized authority over roles, delegation in role definition,linked roles, and parameterized roles. RT also introduces manifoldroles, which can be used to express threshold and separation-of-dutypolicies, and delegation of role activations. We formally define thesemantics of credentials in the RT framework by presenting a translationfrom credentials to Datalog rules.This translation also shows thatthis semantics is algorithmically tractable.

Cited By

View all

Larisch JAqeel WChung TKohler ELevin DMaggs BParno BWilson C(2023)No Root Store Left BehindProceedings of the 22nd ACM Workshop on Hot Topics in Networks10.1145/3626111.3630268(295-301)Online publication date: 28-Nov-2023
https://dl.acm.org/doi/10.1145/3626111.3630268
Yuan BJia YXing LZhao DWang XZou DJin HZhang YCapkun SRoesner F(2020)Shattered chain of trustProceedings of the 29th USENIX Conference on Security Symposium10.5555/3489212.3489279(1183-1200)Online publication date: 12-Aug-2020
https://dl.acm.org/doi/10.5555/3489212.3489279
Andersen MKumar SAbdelBaky MFierro GKolb JKim HCuller DPopa RHeninger NTraynor P(2019)WAVEProceedings of the 28th USENIX Conference on Security Symposium10.5555/3361338.3361434(1375-1392)Online publication date: 14-Aug-2019
https://dl.acm.org/doi/10.5555/3361338.3361434
Show More Cited By

Recommendations

Dynamically authorized role-based access control for secure distributed computation
XMLSEC '02: Proceedings of the 2002 ACM workshop on XML security

This paper presents a mechanism for using the Object Management Group's Common Secure Interoperability Version 2 (CSIv2), Authorization Token Layer Acquisition Service (ATLAS), and XML security standards such as Security Assertion Markup Language (SAML) ...
Security analysis in role-based access control

The administration of large role-based access control (RBAC) systems is a challenging problem. In order to administer such systems, decentralization of administration tasks by the use of delegation is an effective approach. While the use of delegation ...
Security analysis in role-based access control
SACMAT '04: Proceedings of the ninth ACM symposium on Access control models and technologies

Delegation is often used in administrative models for Role-Based Access Control (RBAC) systems to decentralize administration tasks. While the use of delegation greatly enhances flexibility and scalability, it may reduce the control that an organization ...

Comments

Information & Contributors

Information

Published In

SP '02: Proceedings of the 2002 IEEE Symposium on Security and Privacy

May 2002

ISBN:0769515436

Publisher

IEEE Computer Society

United States

Publication History

Published: 12 May 2002

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

202
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 27 Jul 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Larisch JAqeel WChung TKohler ELevin DMaggs BParno BWilson C(2023)No Root Store Left BehindProceedings of the 22nd ACM Workshop on Hot Topics in Networks10.1145/3626111.3630268(295-301)Online publication date: 28-Nov-2023
https://dl.acm.org/doi/10.1145/3626111.3630268
Yuan BJia YXing LZhao DWang XZou DJin HZhang YCapkun SRoesner F(2020)Shattered chain of trustProceedings of the 29th USENIX Conference on Security Symposium10.5555/3489212.3489279(1183-1200)Online publication date: 12-Aug-2020
https://dl.acm.org/doi/10.5555/3489212.3489279
Andersen MKumar SAbdelBaky MFierro GKolb JKim HCuller DPopa RHeninger NTraynor P(2019)WAVEProceedings of the 28th USENIX Conference on Security Symposium10.5555/3361338.3361434(1375-1392)Online publication date: 14-Aug-2019
https://dl.acm.org/doi/10.5555/3361338.3361434
Xu DShrestha RShen NBertino ELin DLobo J(2018)Automated Coverage-Based Testing of XACML PoliciesProceedings of the 23nd ACM on Symposium on Access Control Models and Technologies10.1145/3205977.3205979(3-14)Online publication date: 7-Jun-2018
https://dl.acm.org/doi/10.1145/3205977.3205979
Liu Y(2018)Logic programming applicationsDeclarative Logic Programming10.1145/3191315.3191326(519-548)Online publication date: 1-Sep-2018
https://dl.acm.org/doi/10.1145/3191315.3191326
Ribeiro CLeitold HEsposito SMitzam D(2018)STORKInternational Journal of Information Security10.1007/s10207-017-0385-x17:5(569-585)Online publication date: 1-Oct-2018
https://dl.acm.org/doi/10.1007/s10207-017-0385-x
Shalev NKeidar IWeinsberg YMoatti YBen-Yehuda E(2017)WatchITProceedings of the 26th Symposium on Operating Systems Principles10.1145/3132747.3132752(515-530)Online publication date: 14-Oct-2017
https://dl.acm.org/doi/10.1145/3132747.3132752
Gupta AFeamster NVanbever LGodfrey BCasado M(2016)Authorizing Network Control at Software Defined Internet Exchange PointsProceedings of the Symposium on SDN Research10.1145/2890955.2890956(1-6)Online publication date: 14-Mar-2016
https://dl.acm.org/doi/10.1145/2890955.2890956
Hallett JAspinall D(2016)AppPAL for AndroidProceedings of the 8th International Symposium on Engineering Secure Software and Systems - Volume 963910.1007/978-3-319-30806-7_14(216-232)Online publication date: 6-Apr-2016
https://dl.acm.org/doi/10.1007/978-3-319-30806-7_14
Toseef UPentikousis KAnjum APapadopoulos G(2015)Authentication and authorization in FELIXProceedings of the 8th International Conference on Utility and Cloud Computing10.5555/3233397.3233507(553-558)Online publication date: 7-Dec-2015
https://dl.acm.org/doi/10.5555/3233397.3233507
Show More Cited By

Abstract

Cited By

Recommendations

Dynamically authorized role-based access control for secure distributed computation

Security analysis in role-based access control

Security analysis in role-based access control

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations