A Case Study in Decentralized, Dynamic, Policy-Based, Authorization and Trust Management – Automated Software Distribution for Airplanes

  • Conference paper
Security and Trust Management (STM 2010)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 6710)


Abstract

We apply SecPAL, a logic-based policy language for decentralized authorization and trust management, to our case study of automated software distribution for airplanes. In contrast to established policy frameworks for authorization like XACML, SecPAL offers constructs to express trust relationships and delegation explicitly and to form chains of trust. We use these constructs in our case study to specify and reason about dynamic, ad-hoc trust relationships between airlines and contractors of suppliers of software that has to be loaded into airplanes.




© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hartmann, P., Maidl, M., von Oheimb, D., Robinson, R. (2011). A Case Study in Decentralized, Dynamic, Policy-Based, Authorization and Trust Management – Automated Software Distribution for Airplanes. In: Cuellar, J., Lopez, J., Barthe, G., Pretschner, A. (eds) Security and Trust Management. STM 2010. Lecture Notes in Computer Science, vol 6710. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22444-7_5

  • DOI: https://doi.org/10.1007/978-3-642-22444-7_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22443-0

  • Online ISBN: 978-3-642-22444-7

  • eBook Packages: Computer Science, Computer Science (R0)
