DOI: 10.1145/1229285.1229308

Trust management services in relational databases

Published: 20 March 2007

Abstract

Trust management represents today a promising approach for supporting access control in open environments. While several approaches have been proposed for trust management and significant steps have been made in this direction, a major obstacle that still exists in the realization of the benefits of this paradigm is represented by the lack of adequate support in the DBMS. In this paper, we present a design that can be used to implement trust management within current relational DBMSs. We propose a trust model with a SQL syntax and illustrate the main issues arising in the implementation of the model in a relational DBMS. Specific attention is paid to the efficient verification of a delegation path for certificates. This effort permits a relatively inexpensive realization of the services of an advanced trust management model within current relational DBMSs.

Published In

ASIACCS '07: Proceedings of the 2nd ACM symposium on Information, computer and communications security
March 2007
323 pages
ISBN: 1595935746
DOI: 10.1145/1229285

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. access control
  2. credentials
  3. relational DBMS
  4. trust

Qualifiers

  • Article

Conference

Asia CCS07

Acceptance Rates

ASIACCS '07 Paper Acceptance Rate 33 of 180 submissions, 18%;
Overall Acceptance Rate 418 of 2,322 submissions, 18%

Cited By

  • (2013) Supporting User Privacy Preferences in Digital Interactions. Computer and Information Security Handbook, pp. 813-834. DOI: 10.1016/B978-0-12-394397-2.00046-5. Online publication date: 2013
  • (2012) Integrating trust management and access control in data-intensive Web applications. ACM Transactions on the Web 6:2, pp. 1-43. DOI: 10.1145/2180861.2180863. Online publication date: 4-Jun-2012
  • (2012) From MDM to DB2. Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy, pp. 207-222. DOI: 10.1007/978-3-642-31540-4_16. Online publication date: 11-Jul-2012
  • (2011) Trust Management in Databases. Encyclopedia of Cryptography and Security, pp. 1326-1327. DOI: 10.1007/978-1-4419-5906-5_693. Online publication date: 2011
  • (2010) Access Control in Data Management Systems. Synthesis Lectures on Data Management 2:1, pp. 1-117. DOI: 10.2200/S00281ED1V01Y201005DTM004. Online publication date: Jan-2010
  • (2010) Effective trust management through a hybrid logical and relational approach. Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, pp. 169-179. DOI: 10.1145/1755688.1755710. Online publication date: 13-Apr-2010
  • (2010) Trust management for Web Services. 2010 International Conference on Network and Service Management, pp. 262-265. DOI: 10.1109/CNSM.2010.5691187. Online publication date: Oct-2010
  • (2009) More Anonymous Onion Routing Through Trust. Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium, pp. 3-12. DOI: 10.1109/CSF.2009.27. Online publication date: 8-Jul-2009
