Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Article type: Research Article
Authors: Krukow, Karla; * | Nielsen, Mogensb | Sassone, Vladimiroc
Affiliations: [a] Trifork, Aarhus, Denmark. E-mail: kkr@trifork.com | [b] BRICS, University of Aarhus, Denmark. E-mail: mn@brics.dk | [c] School of Electronics and Computer Science, University of Southampton, UK. E-mail: vs@ecs.soton.ac.uk
Correspondence: [*] Corresponding author: Karl Krukow, Trifork, Scandinavian Center, Margrethepladsen 3, Aarhus C, DK 8000, Denmark. Tel.: +45 8732 8787, Fax: +45 8732 8788; E-mail: kkr@trifork.com
Abstract: Reputation systems are meta systems that record, aggregate and distribute information about principals' behaviour in distributed applications. Similarly, history-based access control systems make decisions based on programs' past security-sensitive actions. While the applications are distinct, the two types of systems are fundamentally making decisions based on information about the past behaviour of an entity. A logical policy-centric framework for such behaviour-based decision-making is presented. In the framework, principals specify policies which state precise requirements on the past behaviour of other principals that must be fulfilled in order for interaction to take place. The framework consists of a formal model of behaviour, based on event structures; a declarative logical language for specifying properties of past behaviour; and efficient dynamic algorithms for checking whether a particular behaviour satisfies a property from the language. It is shown how the framework can be extended in several ways, most notably to encompass parameterized events and quantification over parameters. In an extended application, it is illustrated how the framework can be applied for dynamic history-based access control for safe execution of unknown and untrusted programs.
Keywords: Reputation systems, history-based access control, trust management, dynamic model checking, event structures, linear temporal logic
DOI: 10.3233/JCS-2008-16102
Journal: Journal of Computer Security, vol. 16, no. 1, pp. 63-101, 2008
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl