Belief Semantics of Authorization Logic
Authorization logics have been used in the theory of computer security to
reason about access control decisions. In this work, a formal belief semantics
for authorization logics is given. The belief semantics is proved to subsume a
standard Kripke semantics. The belief semantics yields a direct representation
of principals' beliefs, without resorting to the technical machinery used in
Kripke semantics. A proof system is given for the logic; that system is proved
sound with respect to the belief and Kripke semantics. The soundness proof for
the belief semantics, and for a variant of the Kripke semantics, is mechanized
in Coq.
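The Kripke semantics the abstract compares against interprets "A says φ" as a modal operator: each principal A has its own accessibility relation over possible worlds, and "A says φ" holds at a world w exactly when φ holds at every world A considers possible from w. The following model checker is an added example (not code from the paper) that makes that reading concrete; the worlds, valuation, principal names and accessibility relations in `MODEL` are constructed for illustration. It also checks two facts a practitioner should keep in mind: "A says φ" does not mean φ is true (a principal's statement is not a fact), and the distribution axiom `A says (p → q) → (A says p → A says q)` is valid in every Kripke model, which is one of the rules a sound proof system for the logic is allowed to use.

```python
"""Kripke-style semantics for the 'says' modality of an authorization logic.

Added example; not the paper's mechanization.  Formulas are nested tuples:
  ('atom', p)         propositional atom p
  ('not', f)
  ('and', f, g)
  ('imp', f, g)       f implies g
  ('says', A, f)      principal A says f
"""


class KripkeModel:
    def __init__(self, worlds, valuation, access):
        self.worlds = set(worlds)
        self.valuation = valuation  # world -> set of atoms true at that world
        self.access = access        # principal -> set of (w, w') pairs

    def successors(self, principal, w):
        """Worlds that `principal` considers possible from w."""
        return {v for (u, v) in self.access.get(principal, set()) if u == w}

    def holds(self, f, w):
        kind = f[0]
        if kind == 'atom':
            return f[1] in self.valuation[w]
        if kind == 'not':
            return not self.holds(f[1], w)
        if kind == 'and':
            return self.holds(f[1], w) and self.holds(f[2], w)
        if kind == 'imp':
            return (not self.holds(f[1], w)) or self.holds(f[2], w)
        if kind == 'says':
            # Box-style modality: f holds in every world accessible for the principal.
            return all(self.holds(f[2], v) for v in self.successors(f[1], w))
        raise ValueError(f"unknown formula kind {kind!r}")

    def valid(self, f):
        """f is valid in this model if it holds at every world."""
        return all(self.holds(f, w) for w in self.worlds)


# Constructed model (assumption): w0 is the actual world; alice cannot tell
# w1 from w2, bob considers only w2 possible.
MODEL = KripkeModel(
    worlds={'w0', 'w1', 'w2'},
    valuation={'w0': set(), 'w1': {'ok'}, 'w2': {'ok', 'grant'}},
    access={'alice': {('w0', 'w1'), ('w0', 'w2')}, 'bob': {('w0', 'w2')}},
)

# Distribution (K) axiom for 'says': valid in every Kripke model.
K_AXIOM = ('imp',
           ('says', 'alice', ('imp', ('atom', 'ok'), ('atom', 'grant'))),
           ('imp', ('says', 'alice', ('atom', 'ok')),
                   ('says', 'alice', ('atom', 'grant'))))


def demo():
    """Evaluate a few statements at the actual world w0."""
    return {
        'alice_says_ok': MODEL.holds(('says', 'alice', ('atom', 'ok')), 'w0'),
        'alice_says_grant': MODEL.holds(('says', 'alice', ('atom', 'grant')), 'w0'),
        'bob_says_grant': MODEL.holds(('says', 'bob', ('atom', 'grant')), 'w0'),
        # 'says' is not truth-implying: alice says ok, yet ok is false at w0.
        'ok_is_actually_true': MODEL.holds(('atom', 'ok'), 'w0'),
        'k_axiom_valid': MODEL.valid(K_AXIOM),
    }


if __name__ == '__main__':
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The belief semantics in the paper replaces the accessibility relations with a direct representation of what each principal believes; the checks above are the ones such a semantics must still agree with, since the paper proves it subsumes the Kripke reading.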
Nonmonotonic Trust Management for P2P Applications
Community decisions about access control in virtual communities are
non-monotonic in nature. This means that they cannot be expressed in current,
monotonic trust management languages such as the family of Role Based Trust
Management languages (RT). To solve this problem we propose RT-, which adds a
restricted form of negation to the standard RT language, thus admitting a
controlled form of non-monotonicity. The semantics of RT- is discussed and
presented in terms of the well-founded semantics for Logic Programs. Finally we
discuss how chain discovery can be accomplished for RT-.
Comment: This paper appears in the proceedings of the 1st International
Workshop on Security and Trust Management (STM 2005). To appear in ENTC
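The non-monotonicity the abstract describes is easiest to see by running it: adding a credential can remove someone from a role. The evaluator below is an added example, not the RT- paper's definition; it uses standard RT0 credential forms (simple membership and role containment) plus one restricted negation form of its own, `A.r <- B.r1 - C.r2` (members of B.r1 that are not members of C.r2), which is an assumption about the shape of the negation rather than the paper's exact syntax. Rather than computing the well-founded model directly, it stratifies the credentials and evaluates stratum by stratum, which yields the well-founded model whenever the program is stratifiable and refuses programs where negation runs through a cycle. Principal and role names are constructed for illustration.

```python
"""Bottom-up evaluation of RT0-style credentials with one restricted negation.

Added example, not the RT- paper's code.  Credential tuples:
  ('simple',  A, r, D)             A.r <- D            (D is a member of A.r)
  ('contain', A, r, B, r1)         A.r <- B.r1         (every member of B.r1)
  ('minus',   A, r, B, r1, C, r2)  A.r <- B.r1 - C.r2  (members of B.r1 not in C.r2)
The 'minus' form is this example's assumed restricted negation.
"""


def roles_of(creds):
    roles = set()
    for c in creds:
        roles.add((c[1], c[2]))
        if c[0] == 'contain':
            roles.add((c[3], c[4]))
        elif c[0] == 'minus':
            roles.add((c[3], c[4]))
            roles.add((c[5], c[6]))
    return roles


def stratify(creds):
    """Assign each role a stratum so negated roles sit strictly below their users."""
    roles = roles_of(creds)
    stratum = {r: 0 for r in roles}
    for _ in range(len(roles) + 1):
        changed = False
        for c in creds:
            head = (c[1], c[2])
            if c[0] == 'contain':
                need = stratum[(c[3], c[4])]
            elif c[0] == 'minus':
                need = max(stratum[(c[3], c[4])], stratum[(c[5], c[6])] + 1)
            else:
                continue
            if stratum[head] < need:
                stratum[head] = need
                changed = True
        if not changed:
            return stratum
    raise ValueError("credentials are not stratifiable (negation through a cycle)")


def members(creds):
    """Role -> set of members, computed one stratum at a time."""
    stratum = stratify(creds)
    mem = {r: set() for r in stratum}
    for k in range(max(stratum.values()) + 1):
        layer = [c for c in creds if stratum[(c[1], c[2])] == k]
        changed = True
        while changed:                      # least fixpoint within the stratum
            changed = False
            for c in layer:
                head = (c[1], c[2])
                if c[0] == 'simple':
                    new = {c[3]}
                elif c[0] == 'contain':
                    new = mem[(c[3], c[4])]
                else:  # 'minus': the negated role is complete, being in a lower stratum
                    new = mem[(c[3], c[4])] - mem[(c[5], c[6])]
                if not new <= mem[head]:
                    mem[head] |= new
                    changed = True
    return mem


def demo():
    """Show non-monotonicity: a new 'banned' credential shrinks Forum.poster."""
    creds = [
        ('simple', 'Comm', 'applicant', 'alice'),
        ('simple', 'Comm', 'applicant', 'bob'),
        ('minus', 'Comm', 'member', 'Comm', 'applicant', 'Comm', 'banned'),
        ('contain', 'Forum', 'poster', 'Comm', 'member'),
    ]
    before = members(creds)[('Forum', 'poster')]
    after = members(creds + [('simple', 'Comm', 'banned', 'bob')])[('Forum', 'poster')]
    return before, after


if __name__ == '__main__':
    print(demo())
```

Chain discovery for a monotonic RT language can stop as soon as a supporting chain is found; with the `minus` form, a chain for `Forum.poster` is only conclusive once the lower-stratum role `Comm.banned` is fully known, which is why the evaluator finishes each stratum before starting the next.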
Effective Caching for the Secure Content Distribution in Information-Centric Networking
The secure distribution of protected content requires consumer authentication
and involves the conventional method of end-to-end encryption. However, in
information-centric networking (ICN) the end-to-end encryption makes the
content caching ineffective since encrypted content stored in a cache is
useless for any consumer except those who know the encryption key. For
effective caching of encrypted content in ICN, we propose a novel scheme,
called the Secure Distribution of Protected Content (SDPC). SDPC ensures that
only authenticated consumers can access the content. SDPC is a lightweight
authentication and key distribution protocol; it allows consumer nodes to
verify the origin of published content using symmetric-key encryption. The
security of SDPC was proved with BAN logic and verified with the Scyther tool.
Comment: 7 pages, 9 figures, 2018 IEEE 87th Vehicular Technology Conference
(VTC Spring
Model Checking Social Network Models
A social network service is a platform to build social relations among people
sharing similar interests and activities. The underlying structure of a social
network service is the social graph, where nodes represent users and the arcs
represent the users' social links and other kinds of connections. One important
concern in social networks is privacy: what others are (not) allowed to know
about us. The "logic of knowledge" (epistemic logic) is thus a good formalism
to define, and reason about, privacy policies. In this paper we consider the
problem of verifying knowledge properties over social network models (SNMs),
that is social graphs enriched with knowledge bases containing the information
that the users know. More concretely, our contributions are: i) We prove that
the model checking problem for epistemic properties over SNMs is decidable; ii)
We prove that a number of properties of knowledge that are sound w.r.t. Kripke
models are also sound w.r.t. SNMs; iii) We give a satisfaction-preserving
encoding of SNMs into canonical Kripke models, and we also characterise which
Kripke models may be translated into SNMs; iv) We show that, for SNMs, the
model checking problem is cheaper than the one based on standard Kripke models.
Finally, we have developed a proof-of-concept implementation of the
model-checking algorithm for SNMs.
Comment: In Proceedings GandALF 2017, arXiv:1709.0176
Naming and sharing resources across administrative boundaries
I tackle the problem of naming and sharing resources across administrative boundaries. Conventional systems manifest the hierarchy of typical administrative structure in the structure of their own mechanism. While natural for communication that follows hierarchical patterns, such systems interfere with naming and sharing that cross administrative boundaries, and therefore cause headaches for both users and administrators. I propose to organize resource naming and security, not around administrative domains, but around the sharing patterns of users.
The dissertation is organized into four main parts. First, I discuss the challenges and tradeoffs involved in naming resources and consider a variety of existing approaches to naming.
Second, I consider the architectural requirements for user-centric sharing. I evaluate existing systems with respect to these requirements.
Third, to support the sharing architecture, I develop a formal logic of sharing that captures the notion of restricted delegation. Restricted delegation ensures that users can use the same mechanisms to share resources consistently, regardless of the origin of the resource, or with whom the user wishes to share the resource next. A formal semantics gives unambiguous meaning to the logic. I apply the formalism to the Simple Public Key Infrastructure and discuss how the formalism either supports or discourages potential extensions to such a system.
Finally, I use the formalism to drive a user-centric sharing implementation for distributed systems. I show how this implementation enables end-to-end authorization, a feature that makes heterogeneous distributed systems more secure and easier to audit. Conventionally, gateway services that bridge administrative domains, add abstraction, or translate protocols impede the flow of authorization information from client to server. In contrast, end-to-end authorization enables us to build gateway services that preserve authorization information, so we reduce the size of the trusted computing base and enable more effective auditing. I demonstrate my implementation and show how it enables end-to-end authorization across various boundaries. I measure my implementation and argue that its performance tracks that of similar authorization mechanisms without end-to-end structure.
I conclude that my user-centric philosophy of naming and sharing benefits both users and administrators.
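Restricted delegation, as applied to SPKI in the dissertation, means a user can hand a resource on to someone else only within the bounds of what they were given, and only if the certificate that reached them permits further delegation. The chain reduction below is an added example (not the dissertation's implementation or RFC 2693's exact algorithm): it models SPKI's authorization certificates as 5-tuples (issuer, subject, delegate flag, authorization, validity) and reduces a chain to a single tuple by intersecting authorizations and validity and requiring the delegate flag on every certificate except the last. The authorization tag is simplified to a set of path prefixes and a set of operations (an assumption; real SPKI tags are S-expressions with a richer intersection), and the principals, paths and validity times are constructed for illustration. Because the reduced tuple carries the original issuer through to the final subject, a gateway that forwards such a chain preserves authorization information end to end rather than re-issuing authority under its own name.

```python
"""Chain reduction for SPKI-style authorization certificates (5-tuples).

Added example, not the dissertation's code.  A chain is valid only if each
certificate's subject issues the next one, every certificate but the last
permits delegation, and the intersected validity window is non-empty.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    issuer: str
    subject: str
    delegate: bool        # may the subject delegate further?
    paths: frozenset      # authorized resource path prefixes (simplified tag)
    ops: frozenset        # authorized operations
    not_before: int       # validity window (constructed integer timestamps)
    not_after: int


def intersect_paths(a, b):
    """Keep the more specific prefix wherever one prefix contains the other."""
    out = set()
    for p in a:
        for q in b:
            if q.startswith(p):
                out.add(q)
            elif p.startswith(q):
                out.add(p)
    return frozenset(out)


def reduce_chain(chain):
    """Reduce a certificate chain to one 5-tuple, or raise ValueError."""
    if not chain:
        raise ValueError("empty chain")
    acc = chain[0]
    for nxt in chain[1:]:
        if acc.subject != nxt.issuer:
            raise ValueError(f"{nxt.issuer} is not the subject of the previous certificate")
        if not acc.delegate:
            raise ValueError(f"{acc.subject} was not permitted to delegate")
        acc = Cert(
            issuer=acc.issuer,
            subject=nxt.subject,
            delegate=nxt.delegate,
            paths=intersect_paths(acc.paths, nxt.paths),
            ops=acc.ops & nxt.ops,                    # authority can only shrink
            not_before=max(acc.not_before, nxt.not_before),
            not_after=min(acc.not_after, nxt.not_after),
        )
        if acc.not_before > acc.not_after:
            raise ValueError("validity windows do not overlap")
    return acc


def authorized(chain, principal, path, op, now):
    """Does `chain` authorize `principal` to perform `op` on `path` at time `now`?"""
    try:
        t = reduce_chain(chain)
    except ValueError:
        return False
    return (t.subject == principal
            and op in t.ops
            and any(path.startswith(p) for p in t.paths)
            and t.not_before <= now <= t.not_after)


# Constructed chain: alice (owner) -> gateway (may delegate) -> bob (may not).
OWNER_TO_GATEWAY = Cert('alice', 'gateway', True, frozenset({'/data/'}),
                        frozenset({'read', 'write'}), 100, 500)
GATEWAY_TO_BOB = Cert('gateway', 'bob', False, frozenset({'/data/reports/'}),
                      frozenset({'read', 'admin'}), 0, 900)
BOB_TO_CAROL = Cert('bob', 'carol', False, frozenset({'/data/reports/'}),
                    frozenset({'read'}), 0, 900)
CHAIN = [OWNER_TO_GATEWAY, GATEWAY_TO_BOB]


if __name__ == '__main__':
    print(reduce_chain(CHAIN))
    print(authorized(CHAIN, 'bob', '/data/reports/q1.pdf', 'read', 200))
    print(authorized(CHAIN + [BOB_TO_CAROL], 'carol', '/data/reports/q1.pdf', 'read', 200))
```

Note that the gateway's attempt to grant `admin` on bob's certificate is silently dropped by the intersection, and bob's attempt to pass his access to carol fails outright because his own certificate has the delegate flag cleared; both are the "restricted" part of restricted delegation, and an auditor reading the reduced tuple sees alice, not the gateway, as the source of bob's authority.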