Trust but verify

Skalka, Christian; Wang, X. Sean

doi:10.1145/1111348.1111354

Cited by 12 publications

(5 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Three types of digital certificates are used: identity certificates for authentication, attribute certificates for authorisation and access-rule certificates for propagation of access control. The authors use a subset of the full Skalka and Wang (2004) logic, which they will describe in Section 3. In the authors' implementation approach, they propose the use of digital certificates, SSL and secures electronic transactions (SET) to be used in conjunction with access control intermediates.…”

Section: Access Control Logicmentioning

confidence: 99%

“…Although ABLP logic is undecidable in general, various presentations have described non-trivial, decidable access control mechanisms (Wallach et al, 2000;Skalka and Wang, 2004). s s s s ′ ′⊃ Naturally, it is desirable for authorisation judgments to be decidable.…”

Section: Authorisation Contexts and Decisionsmentioning

confidence: 99%

“…As the trust transformation injects trust into authorisation, offline checking inverts the trust transformation, to verify online trust in the offline phase that is, given a trusted request offline checking searches for an extrapolated request of which is the trust transform (Skalka and Wang, 2004). As the trust transformation injects trust into authorisation, offline checking inverts the trust transformation, to verify online trust in the offline phase that is, given a trusted request offline checking searches for an extrapolated request of which is the trust transform (Skalka and Wang, 2004).…”

Section: Denymentioning

confidence: 99%

“…The reason for this is that: 1 the actual verification is costly if done for each transaction 2 more importantly, it is in any reputable vendor's best interest to be a good a citizen, hence, problems occur only rarely (Skalka and Wang, 2004). The vendor needs to access the card-issuing bank to check the credit card information and obtain payment confirmation; this involves a distributed authorisation problem.…”

Section: Introductionmentioning

confidence: 99%

“…Most closely related works in this regard is proof carrying authorisations (PCA) by Appel and Felten (1999) and Bauer (2003), a framework for specifying and enforcing web page access policies (though the logic used there is not ABLP, but an application specific variant) (Skalka and Wang, 2004). The bank can also request a general audit of vendors.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

A framework towards enhancing trust and authorisation for e-commerce service

Oreku

Mtenzi³

2009

IJITST

View full text Add to dashboard Cite

Traditional access control a.k.a. authorisation for e-commerce systems is not flexible and efficient enough to combat the new emerging security challenges and public remains concerned about the security of online transactions as can be seen from http://www.security-survey.gov.uk. Challenges like changes in consumer's behaviour, advances in broadband technology, industrial maturity and entropy converging to usher in a new era of e-commerce security. The authors' proposed framework provides trust transformation rules which have associated conditions for authorisations to control access. The introduction of trust method formalises the conditions within logical perspective. The authors aim to build the architecture and trust model for trust and authorisation within an e-commerce service system. The architecture will help to build a secure e-commerce service system. The underlying framework will not only inform researchers of a better design for secure e-commerce service, but also assist e-commerce systems developers in the understanding of intricate constructions within trust and authorisation. This includes protecting transactions records of customers in terms of information privacy and access. The authors also propose rigorous logical foundation for trust and authorisation in e-commerce service environments based on ABLP. He has authored five books, including Parallel Database Systems, Principle of Database Systems, and Digital Library, and published more than 240 technical papers.Fred Mtenzi is a Lecturer at the School of Computing, Dublin Institute of Technology, Ireland. Prior to joining DIT, he worked as a Lecturer at the University of Dar es salaam in Tanzania. His research interest includes design of algorithms for solving combinatorial optimisation problems, energy aware routing in mobile ad hoc networks and its related security issues, cybercrime, pervasive computing and knowledge management. He has organised and chaired a number of international conferences. He has been a Guest Editor in a number of journal special issues. He is a member of the IEEE, ACM, and ISSA. Example 1: We trust that private keys remain indeed private so that messages signed with J K carry the authority of J: J K J ⇒ Thus, if any statement s is ever signed with Js private key: J s K says By rule, Speaks for: ( ) ( ) J J s s K J K says J says ⇒ ⊃ ⊃

show abstract

Section: Access Control Logicmentioning

confidence: 99%

Section: Authorisation Contexts and Decisionsmentioning

confidence: 99%

Section: Denymentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A framework towards enhancing trust and authorisation for e-commerce service

Oreku

Mtenzi³

2009

IJITST

View full text Add to dashboard Cite

show abstract

Trust‐based security‐level evaluation method for dynamic service‐oriented environments

Kołaczek

Juszczyszyn

Świltek

et al. 2015

Concurrency and Computation

View full text Add to dashboard Cite

SUMMARYA method of decision-making in security-level estimation process of service-based applications in future Internet architecture is proposed. We demonstrate how distributed services can be composed to form an application run within the next-generation network infrastructure and their security level may be assessed. Our approach is illustrated by the experiments carried on exemplary application (virtual laboratory online lab, using future Internet IPv6 QoS architecture), in which our method was evaluated against two types of attacks observed with the use of traffic anomaly detection methods.

show abstract