Research article, DOI: 10.1145/1755688.1755710

Effective trust management through a hybrid logical and relational approach

Published: 13 April 2010

Abstract

Despite a plethora of recent research regarding trust management approaches to authorization, relatively little attention has been given to exactly how these technologies can be effectively deployed. In this paper, we investigate one way in which well-established logical trust management systems described in the literature can be deployed within enterprise environments. Specifically, we develop a framework within which logical trust management policies can be managed using a relational DBMS. We describe a correct and complete procedure for compiling CTM credentials into dynamic views within a database, and show how the resulting system can be used to perform role membership checks or to enumerate the members of a given role. We then propose a hybrid algorithm that leverages the logical ruleset and the underlying DBMS to efficiently enumerate the capabilities ascribed to a given user. We also present an evaluation of a prototype implementation of our framework that demonstrates the practicality of our approach. As CTM extends the RT family of trust management languages, which are representative of a large class of Datalog-based trust management systems, our work is likely generalizable to other trust management approaches.

Published In

ASIACCS '10: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
April 2010
363 pages
ISBN: 9781605589367
DOI: 10.1145/1755688

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. credentials
  2. databases
  3. policy
  4. reputation
  5. trust

Qualifiers

  • Research-article

Conference

ASIA CCS '10

Acceptance Rates

ASIACCS '10 Paper Acceptance Rate: 25 of 166 submissions, 15%
Overall Acceptance Rate: 418 of 2,322 submissions, 18%

Cited By

  • (2016) Managing Evolving Trust Policies within Open and Decentralized Communities. 2016 IEEE/WIC/ACM International Conference on Web Intelligence (WI), pages 668-673. DOI: 10.1109/WI.2016.0119. Online publication date: Oct-2016
  • (2015) Evaluating the Degree of Trust Under Context Sensitive Relational Database Hierarchy Using Hybrid Intelligent Approach. International Journal of Rough Sets and Data Analysis, 2:1, pages 1-21. DOI: 10.4018/ijrsda.2015010101. Online publication date: 1-Jan-2015
  • (2012) PlexC. Proceedings of the 17th ACM symposium on Access Control Models and Technologies, pages 219-228. DOI: 10.1145/2295136.2295174. Online publication date: 20-Jun-2012
  • (2011) Social-Compliance in Trust Management within Virtual Communities. Proceedings of the 2011 IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology - Volume 03, pages 322-325. DOI: 10.1109/WI-IAT.2011.212. Online publication date: 22-Aug-2011
