On the consistency of distributed proofs with hidden subtrees

Published: 30 July 2010

Abstract

Previous work has shown that distributed authorization systems that fail to sample a consistent snapshot of the underlying system during policy evaluation are vulnerable to a number of attacks. Unfortunately, the consistency enforcement solutions presented in previous work were designed for systems in which only CA-certified evidence is used during the decision-making process, all of which is available to the decision-making node at runtime. In this article, we generalize previous results and present lightweight mechanisms through which consistency constraints can be enforced in proof systems in which the full details of a proof may be unavailable to the querier due to information release policies, and the existence of certificate authorities for certifying evidence is unlikely; these types of distributed proof systems are likely candidates for use in pervasive computing and sensor network environments. We present modifications to one such distributed proof system that enable three types of consistency constraints to be enforced while still respecting the same confidentiality and integrity policies as the original proof system. We then discuss how these techniques can be adapted and applied to other, less restrictive, distributed proof systems. Further, we detail a performance analysis that illustrates the modest overheads of our consistency enforcement schemes.

Cited By

  • (2012) GEM: A distributed goal evaluation algorithm for trust management. Theory and Practice of Logic Programming 14:3 (293-337). DOI: 10.1017/S1471068412000397. Online publication date: 3-Dec-2012

Published In

ACM Transactions on Information and System Security, Volume 13, Issue 3
July 2010
253 pages
ISSN:1094-9224
EISSN:1557-7406
DOI:10.1145/1805974

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 July 2010
Accepted: 01 February 2009
Received: 01 January 2008
Published in TISSEC Volume 13, Issue 3

Author Tags

  1. Consistency
  2. distributed proving
  3. pervasive computing

Qualifiers

  • Research-article
  • Research
  • Refereed
