Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CCS
2010
ACM
2010
ACM
A logic for authorization provenance
In distributed environments, statements from a number of principals, besides the central trusted party, may influence the derivations of authorization decisions. However, existing authorization logics put few emphasis on this set of principals - authorization provenance. Reasoning about provenance enables to (1) defend against a class of attacks, (2) understand and analyze authorizations and the status of policy bases, and (3) obtain potentially efficient logging and auditing guided by provenance information. This paper presents the design and applications of a provenance-enabled authorization logic, called DBT. More specifically, we give a sound and complete axiomatic system of DBT. We also examine a class of provenance-aware policy bases and queries. One can syntactically extract provenance information from the structure of these queries if they are evaluated positively in provenance-aware policy bases. Finally, two case studies are presented to demonstrate possible applications ...
Real-time TrafficRelated Content
| Added | 18 May 2010 |
| Updated | 18 May 2010 |
| Type | Conference |
| Year | 2010 |
| Where | CCS |
| Authors | Jinwei Hu, Yan Zhang, Ruixuan Li, Zhengding Lu |
Comments (0)
Researcher Info
|
