Inferring dynamic credentials for role-based trust management
Inferring dynamic credentials for role-based trust management
The topic of this paper is the role-based trust-management language RT_0, a formalism inspired by logic programming that handles trust in large scale, decentralised systems. We provide a purely operational semantics for the language in which credentials can be established using a simple set of inference rules. We then extend RT_0 to include time validity and boolean guards that control the availability of credentials. In such an extended framework, credentials are conditional on the availability of supporting credentials in the execution context. In addition to a set-theoretic and a logic-programming semantics, we develop for the extended language a series of increasingly powerful inference systems for establishing these conditional credentials. By means of simple but realistic examples, we demonstrate the expressiveness and usability of our language, warranting its integration into existing trust-management tools.
trust-management, role-based access control, inference systems, logic programming with negation.
213-223
Gorla, D.
50a6c562-72c9-4512-87e9-003654d30a41
Hennessy, M.
5a87dd80-a4c2-4540-ae1e-f08fe9e51221
Sassone, V.
df7d3c83-2aa0-4571-be94-9473b07b03e7
2006
Gorla, D.
50a6c562-72c9-4512-87e9-003654d30a41
Hennessy, M.
5a87dd80-a4c2-4540-ae1e-f08fe9e51221
Sassone, V.
df7d3c83-2aa0-4571-be94-9473b07b03e7
Gorla, D., Hennessy, M. and Sassone, V.
(2006)
Inferring dynamic credentials for role-based trust management.
8th Symposium on Principles ad Practice of Declarative Programming, PPDP'06, , Venice, Italy.
.
Record type:
Conference or Workshop Item
(Paper)
Abstract
The topic of this paper is the role-based trust-management language RT_0, a formalism inspired by logic programming that handles trust in large scale, decentralised systems. We provide a purely operational semantics for the language in which credentials can be established using a simple set of inference rules. We then extend RT_0 to include time validity and boolean guards that control the availability of credentials. In such an extended framework, credentials are conditional on the availability of supporting credentials in the execution context. In addition to a set-theoretic and a logic-programming semantics, we develop for the extended language a series of increasingly powerful inference systems for establishing these conditional credentials. By means of simple but realistic examples, we demonstrate the expressiveness and usability of our language, warranting its integration into existing trust-management tools.
Text
distCredPPDPoff.pdf
- Other
UNSPECIFIED
distCredPresPPDP.pdf
- Other
More information
Accepted/In Press date: 10 July 2006
Published date: 2006
Venue - Dates:
8th Symposium on Principles ad Practice of Declarative Programming, PPDP'06, , Venice, Italy, 2006-07-10
Keywords:
trust-management, role-based access control, inference systems, logic programming with negation.
Organisations:
Web & Internet Science
Identifiers
Local EPrints ID: 262648
URI: http://eprints.soton.ac.uk/id/eprint/262648
PURE UUID: 116dd740-2603-4344-aee0-6d6f5528fa73
Catalogue record
Date deposited: 29 May 2006
Last modified: 15 Jan 2025 02:43
Export record
Contributors
Author:
D. Gorla
Author:
M. Hennessy
Author:
V. Sassone
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics