Integrity Constraints in Trust Management (Extended Abstract)

Sandro Etalle; William H. Winsborough

doi:10.1145/1063979.1063981

Integrity Constraints in Trust Management (Extended Abstract)

Sandro Etalle, William H. Winsborough

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

16 Downloads (Pure)

Abstract

We introduce the use, monitoring, and enforcement of integrity constraints in trust managementstyle authorization systems. We consider what portions of the policy state must be monitored to detect violations of integrity constraints. Then we address the fact that not all participants in a trust management system can be trusted to assist in such monitoring, and show how many integrity constraints can be monitored in a conservative manner so that trusted participants detect and report if the system enters a policy state from which evolution in unmonitored portions of the policy could lead to a constraint violation.

Original language	Undefined
Title of host publication	10th ACM Symp. on Access Control Models and Technologies (SACMAT)
Editors	G-J. Ahn
Place of Publication	New York
Publisher	ACM Press
Pages	1-10
Number of pages	10
ISBN (Print)	1-59593-045-0
DOIs	https://doi.org/10.1145/1063979.1063981
Publication status	Published - Jun 2005
Event	10th ACM Symp. on Access Control Models and Technologies (SACMAT) - Stockholm, Sweden Duration: 1 Jun 2005 → 3 Jun 2005

Publication series

Name
Publisher	ACM Press

Conference

Conference	10th ACM Symp. on Access Control Models and Technologies (SACMAT)
Period	1/06/05 → 3/06/05
Other	June 01 - 03, 2005

Keywords

EWI-698
IR-54524
METIS-228780
SCS-Cybersecurity

Access to Document

10.1145/1063979.1063981

00000124

http://doi.acm.org/10.1145/1063979.1063981

Cite this

@inproceedings{cc258d1941a049d3a61d4122f4ea1de1,

title = "Integrity Constraints in Trust Management (Extended Abstract)",

abstract = "We introduce the use, monitoring, and enforcement of integrity constraints in trust managementstyle authorization systems. We consider what portions of the policy state must be monitored to detect violations of integrity constraints. Then we address the fact that not all participants in a trust management system can be trusted to assist in such monitoring, and show how many integrity constraints can be monitored in a conservative manner so that trusted participants detect and report if the system enters a policy state from which evolution in unmonitored portions of the policy could lead to a constraint violation.",

keywords = "EWI-698, IR-54524, METIS-228780, SCS-Cybersecurity",

author = "Sandro Etalle and Winsborough, {William H.}",

note = "Imported from DIES; 10th ACM Symp. on Access Control Models and Technologies (SACMAT) ; Conference date: 01-06-2005 Through 03-06-2005",

year = "2005",

month = jun,

doi = "10.1145/1063979.1063981",

language = "Undefined",

isbn = "1-59593-045-0",

publisher = "ACM Press",

pages = "1--10",

editor = "G-J. Ahn",

booktitle = "10th ACM Symp. on Access Control Models and Technologies (SACMAT)",

}

TY - GEN

T1 - Integrity Constraints in Trust Management (Extended Abstract)

AU - Etalle, Sandro

AU - Winsborough, William H.

N1 - Imported from DIES

PY - 2005/6

Y1 - 2005/6

N2 - We introduce the use, monitoring, and enforcement of integrity constraints in trust managementstyle authorization systems. We consider what portions of the policy state must be monitored to detect violations of integrity constraints. Then we address the fact that not all participants in a trust management system can be trusted to assist in such monitoring, and show how many integrity constraints can be monitored in a conservative manner so that trusted participants detect and report if the system enters a policy state from which evolution in unmonitored portions of the policy could lead to a constraint violation.

AB - We introduce the use, monitoring, and enforcement of integrity constraints in trust managementstyle authorization systems. We consider what portions of the policy state must be monitored to detect violations of integrity constraints. Then we address the fact that not all participants in a trust management system can be trusted to assist in such monitoring, and show how many integrity constraints can be monitored in a conservative manner so that trusted participants detect and report if the system enters a policy state from which evolution in unmonitored portions of the policy could lead to a constraint violation.

KW - EWI-698

KW - IR-54524

KW - METIS-228780

KW - SCS-Cybersecurity

U2 - 10.1145/1063979.1063981

DO - 10.1145/1063979.1063981

M3 - Conference contribution

SN - 1-59593-045-0

SP - 1

EP - 10

BT - 10th ACM Symp. on Access Control Models and Technologies (SACMAT)

A2 - Ahn, G-J.

PB - ACM Press

CY - New York

T2 - 10th ACM Symp. on Access Control Models and Technologies (SACMAT)

Y2 - 1 June 2005 through 3 June 2005

ER -