The Role of Trust Management in Distributed Systems Security

Blaze, Matt; Feigenbaum, Joan; Ioannidis, John P. A.; Keromytis, Angelos D.

doi:10.1007/3-540-48749-2_8

Cited by 336 publications

(201 citation statements)

References 18 publications

Supporting

Mentioning

199

Contrasting

Unclassified

Order By: Relevance

“…For the purposes of illustration, only simple examples are presented in this paper. The reader is referred to [3] for a discussion of the expressiveness of KeyNote.…”

Section: Discussionmentioning

confidence: 99%

Secure Component Distribution Using WebCom

Foley

Quillinan

Morrison

2002

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

WebCom is a distributed computing architecture that may be used to distribute application components for execution over a network. A practical trust management system for the WebCom architecture is described. KeyNote-based authorization credentials are used to determine whether a WebCom server is authorised to schedule, and whether a WebCom client is authorised to execute, mobile application components. Secure WebCom provides a meta-language for bringing together the components of a distributed application in such a way that the components need not concern themselves with security issues.

show abstract

“…For the purposes of illustration, only simple examples are presented in this paper. The reader is referred to [3] for a discussion of the expressiveness of KeyNote.…”

Section: Discussionmentioning

confidence: 99%

Secure Component Distribution Using WebCom

Foley

Quillinan

Morrison

2002

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

show abstract

“…The classical AAA architecture and the above mentioned credential/policy-based distributed trust models are not suitable for direct implementation in DTN due to: design principle, operational complexity, scalability issue and unavailability during long/variable delay and frequent disruption [25], [26]. However, the implementation flexibility offered by the AAA standard and the applicability of certain concepts with slight modification to the DTN environment underlines the suitability of AAA architecture concept to DTN.…”

Section: Access Controlmentioning

confidence: 99%

Access Control Framework for Delay/Disruption Tolerant Networks

Johnson

Ansa

Cruickshank

et al. 2010

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

Abstract. The emergence of DTN as an option for sustaining communication in environments with high delay/frequent disruption have rendered existing access control mechanisms inappropriate hence the need for a new concept in DTN access control. This is primarily due to contradicting assumptions like low delay and constant connectivity on which the existing mechanisms are built. This paper discusses the security issues in DTN, investigate existing access control mechanisms and relate their design principles as well as operational mode to DTN. We proposed a lightweight hierarchical architecture based on AAA architecture concept and explored the DTN architecture to identify those features that will support the implementation of AAA architecture concept. We present the proposed architecture for an intra-domain scenario with a brief description.

show abstract

“…For notational convenience, we will write the labeled rewrite rule (L −→ R, T ) as L T −→ R. We will treat certs as labeled rewrite rules: 3 -A name cert (K, A, S, V ) will be written as a labeled rewrite rule K A −→ S, where is the authorization specification such that for all other authorization specifications t, ∩ t = t, and ∪ t = . 4 Sometimes we will write −→ as simply −→, i.e., a rewrite rule of the form L −→ R has an implicit label of . …”

Section: Certificatesmentioning

confidence: 99%

“…In trust-management systems [4,5,25], such as SPKI/SDSI [9], the security policy is given by a set of signed certificates, and a proof of authorization consists of a set of certificate chains. In SPKI/SDSI, the principals are the public keys, i.e., the identity of a principal is established by checking the validity of the corresponding public key.…”

Section: Introductionmentioning

confidence: 99%

Weighted Pushdown Systems and Trust-Management Systems

Jha¹,

Schwoon

Wang³

et al. 2006

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

Abstract. The authorization problem is to decide whether, according to a security policy, some principal should be allowed access to a resource. In the trustmanagement system SPKI/SDSI, the security policy is given by a set of certificates, and proofs of authorization take the form of certificate chains. The certificate-chain-discovery problem is to discover a proof of authorization for a given request. Certificate-chain-discovery algorithms for SPKI/SDSI have been investigated by several researchers. We consider a variant of the certificate-chain discovery problem where the certificates are distributed over a number of servers, which then have to cooperate to identify the proof of authorization for a given request. We propose two protocols for this purpose. These protocols are based on distributed model-checking algorithms for weighted pushdown systems (WPDSs). These protocols can also handle cases where certificates are labeled with weights and where multiple certificate chains must be combined to form a proof of authorization. We have implemented these protocols in a prototype and report preliminary results of our evaluation.

show abstract

The Role of Trust Management in Distributed Systems Security

Cited by 336 publications

References 18 publications

Secure Component Distribution Using WebCom

Secure Component Distribution Using WebCom

Access Control Framework for Delay/Disruption Tolerant Networks

Weighted Pushdown Systems and Trust-Management Systems

Contact Info

Product

Resources

About