Skip to main content
SpringerLink
Log in

Opacity Analysis in Trust Management Systems

  • Conference paper
Information Security (ISC 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7001))

Included in the following conference series:

Abstract

Trust management systems are vulnerable to so-called probing attacks, which enable an adversary to gain knowledge about confidential facts in the system. We present the first method for deciding if an adversary can gain knowledge about confidential information in a Datalog-based policy.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Anderson, A.: Web Services Profile of XACML (WS-XACML) Version 1.0. OASIS TC Working Draft (2006)

    Google Scholar 

  2. Anderson, A., Lockhart, H.: SAML 2.0 Profile of XACML v2. 0. OASIS Standard (2005)

    Google Scholar 

  3. Becker, M.Y.: Information flow in credential systems. In: IEEE Computer Security Foundations Symposium, pp. 171–185 (2010)

    Google Scholar 

  4. Becker, M.Y., Fournet, C., Gordon, A.D.: Design and semantics of a decentralized authorization language. In: IEEE Computer Security Foundations (2007)

    Google Scholar 

  5. Becker, M.Y., Koleini, M.: Information leakage in datalog-based trust management systems. Technical Report MSR-TR-2011-11, Microsoft Research (2011)

    Google Scholar 

  6. Becker, M.Y., Sewell, P.: Cassandra: Flexible trust management, applied to electronic health records. In: IEEE Computer Security Foundations, pp. 139–154 (2004)

    Google Scholar 

  7. Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: IEEE Symposium on Security and Privacy, pp. 164–173 (1996)

    Google Scholar 

  8. Bonatti, P., Kraus, S., Subrahmanian, V.: Foundations of secure deductive databases. IEEE Transactions on Knowledge and Data Engineering 7(3), 406–422 (1995)

    Article  Google Scholar 

  9. Ceri, S., Gottlob, G., Tanca, L.: What you always wanted to know about Datalog (and never dared to ask). IEEE Transactions on Knowledge and Data Engineering 1(1), 146–166 (1989)

    Article  Google Scholar 

  10. Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The ponder policy specification language. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol. 1995, pp. 18–38. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  11. Detreville, J.: Binder, a logic-based security language. In: IEEE Symposium on Security and Privacy, pp. 105–113 (2002)

    Google Scholar 

  12. Farkas, C., Jajodia, S.: The inference problem: a survey. ACM SIGKDD Explorations Newsletter 4(2), 6–11 (2002)

    Article  Google Scholar 

  13. Gurevich, Y., Neeman, I.: DKAL: Distributed-knowledge authorization language. In: IEEE Computer Security Foundations Symposium (CSF), pp. 149–162 (2008)

    Google Scholar 

  14. Gurevich, Y., Neeman, I.: DKAL 2 – a simplified and improved authorization language. Technical Report MSR-TR-2009-11, Microsoft Research (2009)

    Google Scholar 

  15. Jajodia, S., Meadows, C.: Inference problems in multilevel secure database management systems. In: Information Security: An Integrated Collection of Essays (1995)

    Google Scholar 

  16. Jim, T.: SD3: A trust management system with certified evaluation. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy, pp. 106–115 (2001)

    Google Scholar 

  17. Li, N., Mitchell, J.C., Winsborough, W.H.: Design of a role-based trust management framework. In: Symposium on Security and Privacy, pp. 114–130 (2002)

    Google Scholar 

  18. OASIS. eXtensible Access Control Markup Language (XACML) Version 2.0 core specification (2005)

    Google Scholar 

  19. Sabelfeld, A., Myers, A.: Language-based information-flow security. IEEE Journal on Selected Areas in Communications 21(1), 5–19 (2003)

    Article  Google Scholar 

  20. Winsborough, W., Li, N.: Safety in automated trust negotiation. ACM Transactions on Information and System Security (TISSEC) 9(3) (2006)

    Google Scholar 

  21. Winsborough, W.H., Li, N.: Towards practical automated trust negotiation. In: IEEE International Workshop on Policies for Distributed Systems and Networks (2002)

    Google Scholar 

  22. Winsborough, W.H., Seamons, K.E., Jones, V.E.: Automated trust negotiation. In: DARPA Information Survivability Conference and Exposition, vol. 1 (2000)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Microsoft Research, Cambridge, UK

    Moritz Y. Becker

  2. University of Birmingham, UK

    Masoud Koleini

Authors
  1. Moritz Y. Becker
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Masoud Koleini
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Shanghai Jiao Tong University, 800 Dongchuan Road, 200240, Min Hang Shanghai, China

    Xuejia Lai

  2. Cryptography and Security Department, Institute for Infocomm Research, Singapore

    Jianying Zhou

  3. Key Laboratory of Computer Networks and Information, Security Xidian University, 2 South Taibai Road, Xi’an, 710071, Shaanxi, China

    Hui Li

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Becker, M.Y., Koleini, M. (2011). Opacity Analysis in Trust Management Systems. In: Lai, X., Zhou, J., Li, H. (eds) Information Security. ISC 2011. Lecture Notes in Computer Science, vol 7001. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24861-0_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-24861-0_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-24860-3

  • Online ISBN: 978-3-642-24861-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation