Sciweavers

FLOPS
2006
Springer

Soutei, a Logic-Based Trust-Management System

13 years 7 months ago
Soutei, a Logic-Based Trust-Management System
We describe the design and implementation of a trust-management system Soutei, a dialect of Binder, for access control in distributed systems. Soutei policies and credentials are written in a declarative logic-based security language and thus constitute distributed logic programs. Soutei policies are modular, concise, and readable. They support policy verification, and, despite the simplicity of the language, express role- and attribute-based access control lists, and conditional delegation. We describe the real-world deployment of Soutei into a publish-subscribe web service with distributed and compartmentalized administration, emphasizing the often overlooked aspect of authorizing the creation of resources and the corresponding policies. Soutei brings Binder from a research prototype into the real world. Supporting large, truly distributed policies required non-trivial changes to Binder, in particular mode-restriction and goal-directed top-down evaluation. To improve the robustness o...
Andrew Pimlott, Oleg Kiselyov
Added 22 Aug 2010
Updated 22 Aug 2010
Type Conference
Year 2006
Where FLOPS
Authors Andrew Pimlott, Oleg Kiselyov
Comments (0)