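% Bibliography: access control, trust management and PKI references.
%
% Conventions used in this file:
%  - Citation keys are kept exactly as given so existing \cite commands
%    still resolve.
%  - One field per line, brace-delimited values, lowercase entry types and
%    field names, month given as the three-letter macro.
%  - paddress, caddress, comment, notes and OPT* are not fields the standard
%    styles read. paddress/caddress look like deliberately parked publisher
%    and conference addresses -- presumably intentional; confirm before
%    renaming any of them to a printing field.
%  - Several note/howpublished values use a \code{...} macro that this file
%    does not define; the citing document must provide it.
%  - url fields hold the raw URL (no \code wrapper, no TeX escapes) so that
%    url-aware styles can typeset them.
%  - All URLs are plain http:// or ftp:// locators. They carry no integrity
%    guarantee and may have moved; check a retrieved copy against the
%    published version before relying on it.

@article{Aba98,
  author = {Mart{\'\i}n Abadi},
  title = {On {SDSI}'s Linked Local Name Spaces},
  journal = {Journal of Computer Security},
  volume = {6},
  number = {1--2},
  pages = {3--21},
  year = {1998},
}

% NOTE(review): the notes field below is not read by standard styles (the
% standard name is note); rename it if the text is meant to print.
@article{ABLP93,
  author = {Mart{\'\i}n Abadi and Michael Burrows and Butler Lampson and Gordon Plotkin},
  title = {A Calculus for Access Control in Distributed Systems},
  journal = {ACM Transactions on Programming Languages and Systems},
  volume = {15},
  number = {4},
  pages = {706--734},
  year = {1993},
  month = oct,
  notes = {Also available as SRC Research Report 70},
}

% NOTE(review): the page range below spans 120 pages, which is unusual for a
% journal article -- verify against the publisher record.
@article{AABF02,
  author = {Nabil R. Adam and Vijay Atluri and Elisa Bertino and Elena Ferrari},
  title = {A Content-Based Authorization Model for Digital Libraries},
  journal = {IEEE Transactions on Knowledge and Data Engineering},
  volume = {14},
  number = {2},
  pages = {196--315},
  month = mar # "/" # apr,
  year = {2002},
}

@inproceedings{Aur98,
  author = {Tuomas Aura},
  title = {Fast Access Control Decisions from Delegation Certificate Databases},
  booktitle = {Proceedings of 3rd Australasian Conference on Information Security and Privacy (ACISP '98)},
  series = {Lecture Notes in Computer Science},
  volume = {1438},
  paddress = {Berlin},
  year = {1998},
  publisher = {Springer},
  pages = {284--295},
  url = {http://www.tcs.hut.fi/Publications/papers/aura/aura-acisp98.ps},
}

@inproceedings{Aur98b,
  author = {Tuomas Aura},
  title = {On the structure of delegation networks},
  booktitle = {Proceedings of the 11th IEEE Computer Security Foundations Workshop},
  month = jun,
  year = {1998},
  pages = {14--26},
  publisher = {IEEE Computer Society Press},
}

% Open question carried over from the original file: is the booktitle
% correct? (It is not clear whether this refers to the entry above or below.)
@inproceedings{And96,
  author = {Ross J. Anderson},
  title = {A Security Policy Model for Clinical Information Systems},
  booktitle = {Proceedings of the 1996 {IEEE} Symposium on Research in Security and Privacy},
  pages = {30--43},
  publisher = {{IEEE} Computer Society Press},
  paddress = {Los Alamitos, California},
  year = {1996},
  url = {http://www.cl.cam.ac.uk/ftp/users/rja14/oakpolicy.ps.Z},
}

@inproceedings{AF99,
  author = {Andrew W. Appel and Edward W. Felten},
  title = {Proof-Carrying Authentication},
  booktitle = {Proceedings of 6th ACM Conference on Computer and Communications Security (CCS-6)},
  month = nov,
  year = {1999},
}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% B

@inproceedings{BDS00,
  author = {Dirk Balfanz and Drew Dean and Mike Spreitzer},
  title = {A Security Infrastructure for Distributed {Java} Applications},
  booktitle = {Proceedings of 2000 IEEE Symposium on Security and Privacy},
  year = {2000},
  month = may,
  pages = {15--26},
}

@techreport{BSF01,
  author = {Lujo Bauer and Michael A. Schneider and Edward W. Felten},
  title = {A Proof-Carrying Authorization System},
  number = {CS-TR-638-01},
  institution = {Department of Computer Science, Princeton University},
  month = apr,
  year = {2001},
}

@inproceedings{BSF02,
  author = {Lujo Bauer and Michael A. Schneider and Edward W. Felten},
  title = {A General and Flexible Access-Control System for the Web},
  booktitle = {Proceedings of the 11th USENIX Security Symposium},
  month = aug,
  year = {2002},
}

@inproceedings{BD02,
  author = {Olav Bandmann and Mads Dam},
  title = {A Note On {SPKI}'s Authorization Syntax},
  booktitle = {Pre-Proceedings of 1st Annual PKI Research Workshop},
  month = apr,
  year = {2002},
  note = {Available from \code{http://www.cs.dartmouth.edu/\ensuremath{\sim}pki02/}},
}

@inproceedings{BBFR99,
  author = {Elisa Bertino and Francesco Buccafurri and Elena Ferrari and Pasquale Rullo},
  title = {A Logical Framework for Reasoning on Data Access Control Policies},
  booktitle = {Proceedings of the 12th {IEEE} Computer Security Foundations Workshop},
  pages = {175--189},
  publisher = {IEEE Computer Society Press},
  year = {1999},
}

@article{BBFS98,
  author = {Elisa Bertino and Claudio Bettini and Elena Ferrari and Pierangela Samarati},
  title = {An Access Control Model Supporting Periodicity Constraints and Temporal Reasoning},
  journal = {ACM Transactions on Database Systems},
  volume = {23},
  number = {3},
  pages = {231--285},
  year = {1998},
}

@inproceedings{BCF01,
  author = {E.~Bertino and S.~Castano and E.~Ferrari},
  title = {{On Specifying Security Policies for Web Documents with an XML-based Language}},
  booktitle = {Sixth ACM SACMAT},
  month = may,
  year = {2001},
  address = {Chantilly, VA},
}

@article{BJS99,
  author = {Elisa Bertino and Sushil Jajodia and Pierangela Samarati},
  title = {A Flexible Authorization Mechanism for Relational Data Management Systems},
  journal = {ACM Transactions on Information Systems},
  volume = {17},
  number = {2},
  pages = {101--140},
  month = apr,
  year = {1999},
  comment = {This extends \cite{BJS96}},
}

@inproceedings{BFL96,
  author = {Matt Blaze and Joan Feigenbaum and Jack Lacy},
  title = {Decentralized Trust Management},
  booktitle = {Proceedings of the 1996 {IEEE} Symposium on Security and Privacy},
  paddress = {Los Alamitos, CA},
  month = may,
  year = {1996},
  publisher = {IEEE Computer Society Press},
  pages = {164--173},
  url = {http://www.crypto.com/papers/policymaker.pdf},
}

@inproceedings{BFS98,
  author = {Matt Blaze and Joan Feigenbaum and Martin Strauss},
  title = {Compliance-Checking in the {PolicyMaker} Trust Management System},
  booktitle = {Proceedings of Second International Conference on Financial Cryptography (FC'98)},
  series = {Lecture Notes in Computer Science},
  volume = {1465},
  paddress = {Berlin},
  year = {1998},
  publisher = {Springer},
  pages = {254--274},
  url = {http://www.crypto.com/papers/pmcomply.pdf},
}

@misc{RFC2704,
  author = {Matt Blaze and Joan Feigenbaum and John Ioannidis and Angelos D. Keromytis},
  title = {The {KeyNote} Trust-Management System, Version 2},
  year = {1999},
  month = sep,
  howpublished = {IETF RFC 2704},
  url = {http://www.ietf.org/rfc/rfc2704.txt},
}

@incollection{BFIK99,
  author = {Matt Blaze and Joan Feigenbaum and John Ioannidis and Angelos D. Keromytis},
  title = {The Role of Trust Management in Distributed Systems},
  booktitle = {Secure Internet Programming},
  series = {Lecture Notes in Computer Science},
  volume = {1603},
  paddress = {Berlin},
  year = {1999},
  publisher = {Springer},
  pages = {185--210},
}

@article{BIK02,
  author = {Matt Blaze and John Ioannidis and Angelos D. Keromytis},
  title = {Trust Management for {IPsec}},
  journal = {ACM Transactions on Information and System Security},
  year = {2002},
  volume = {5},
  number = {2},
  pages = {95--118},
  month = may,
}

@inproceedings{BJMW94,
  author = {E.~Bina and V.~Jones and R.~McCool and M.~Winslett},
  title = {{Secure Access to Data Over the Internet}},
  booktitle = {Conference on Parallel and Distributed Information Systems},
  month = sep,
  year = {1994},
}

@misc{RFC2587,
  author = {Sharon Boeyen and Tim Howes and Patrick Richard},
  title = {{Internet} {X.509} {Public} {Key} {Infrastructure} {LDAPv2} {Schema}},
  year = {1999},
  month = jun,
  howpublished = {IETF RFC 2587},
}

@inproceedings{BS00,
  author = {Piero Bonatti and Pierangela Samarati},
  title = {Regulating Service Access and Information Release on the Web},
  booktitle = {Proceedings of the 7th ACM Conference on Computer and Communications Security (CCS-7)},
  publisher = {ACM Press},
  month = nov,
  year = {2000},
  pages = {134--143},
  caddress = {Athens, Greece},
}

@inproceedings{BN89,
  author = {David F. C. Brewer and Michael J. Nash},
  title = {The Chinese Wall Security Policy},
  booktitle = {Proceedings of the 1989 IEEE Symposium on Security and Privacy},
  publisher = {IEEE Computer Society Press},
  address = {Los Alamitos},
  year = {1989},
  month = may,
  pages = {206--218},
}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% C

@inproceedings{CMS01,
  author = {Ajay Chander and John C. Mitchell and Insik Shin},
  title = {Mobile code security by {Java} bytecode instrumentation},
  booktitle = {DARPA Information Survivability Conference \& Exposition (DISCEX II)},
  month = jun,
  year = {2001},
}

@inproceedings{CDM01,
  author = {Ajay Chander and Drew Dean and John C. Mitchell},
  title = {A State-transition Model of Trust Management and Access Control},
  booktitle = {Proceedings of the 14th IEEE Computer Security Foundations Workshop},
  pages = {27--43},
  month = jun,
  publisher = {IEEE Computer Society Press},
  paddress = {Los Alamitos, California},
  year = {2001},
}

@inproceedings{CW87,
  author = {David D. Clark and David R. Wilson},
  title = {A Comparison of Commercial and Military Computer Security Policies},
  booktitle = {Proceedings of the 1987 IEEE Symposium on Security and Privacy},
  month = may,
  year = {1987},
  pages = {184--194},
  publisher = {IEEE Computer Society Press},
  paddress = {Los Alamitos},
}

@article{CEEFMR01,
  author = {Dwaine Clarke and Jean-Emile Elien and Carl Ellison and Matt Fredette and Alexander Morcos and Ronald L. Rivest},
  title = {Certificate Chain Discovery in {SPKI/SDSI}},
  journal = {Journal of Computer Security},
  year = {2001},
  volume = {9},
  number = {4},
  pages = {285--322},
}

% NOTE(review): the page range below is identical to the one in ABLP93 --
% possibly a copy/paste leftover; verify against the journal.
@article{CFLRS97,
  author = {Yang-Hua Chu and Joan Feigenbaum and Brian LaMacchia and Paul Resnick and Martin Strauss},
  title = {{REFEREE}: Trust Management for Web Applications},
  journal = {World Wide Web Journal},
  volume = {2},
  pages = {706--734},
  year = {1997},
  url = {http://www.research.att.com/~trmaster/TRs/97/97.2/97.2.1.body.ps},
}

@misc{P3P2002,
  author = {Lorrie Cranor and Marc Langheinrich and Massimo Marchiori and Martin Presler-Marshall and Joseph Reagle},
  title = {The Platform for Privacy Preferences 1.0 ({P3P}1.0)},
  howpublished = {World Wide Web Consortium Recommendation},
  month = apr,
  year = {2002},
  url = {http://www.w3.org/TR/P3P},
}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% D

@inproceedings{DeT02,
  author = {John DeTreville},
  title = {Binder, a Logic-Based Security Language},
  booktitle = {Proceedings of the 2002 IEEE Symposium on Security and Privacy},
  paddress = {},
  month = may,
  year = {2002},
  publisher = {IEEE Computer Society Press},
  pages = {105--113},
}

% An IETF RFC, recorded in the same shape as RFC2704 (misc + howpublished +
% url) rather than as a conference paper with the URL in booktitle.
% NOTE(review): RFC 2246 defines TLS 1.0 and is a historical protocol
% reference; TLS 1.0 has since been deprecated by the IETF (RFC 8996).
@misc{da98,
  author = {T.~Dierks and C.~Allen},
  title = {{The TLS Protocol Version 1.0}},
  howpublished = {IETF RFC 2246},
  month = jan,
  year = {1999},
  url = {http://www.ietf.org/rfc/rfc2246.txt},
}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% E

@inproceedings{EAHMPP01,
  author = {Yassir Elley and Anne Anderson and Steve Hanna and Sean Mullan and Radia Perlman and Seth Proctor},
  title = {Building Certificate Paths: Forward vs. Reverse},
  booktitle = {Proceedings of the 2001 Network and Distributed System Security Symposium (NDSS'01)},
  paddress = {},
  month = feb,
  year = {2001},
  publisher = {Internet Society},
  pages = {153--160},
}

@misc{RFC2693,
  author = {Carl Ellison and Bill Frantz and Butler Lampson and Ron Rivest and Brian Thomas and Tatu Ylonen},
  title = {{SPKI} Certificate Theory},
  year = {1999},
  month = sep,
  howpublished = {IETF RFC 2693},
}

@misc{SPKI06,
  author = {Carl Ellison and Bill Frantz and Butler Lampson and Ron Rivest and Brian Thomas and Tatu Ylonen},
  title = {Simple Public Key Certificates},
  year = {1999},
  month = jul,
  howpublished = {Internet Draft (work in progress)},
  note = {Available at \code{http://world.std.com/\ensuremath{\sim}cme/spki.txt}},
}

@inproceedings{EN01,
  author = {Pasi Eronen and Pekka Nikander},
  title = {Decentralized {Jini} Security},
  booktitle = {Proceedings of the Network and Distributed System Security Symposium},
  month = feb,
  year = {2001},
}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% F

% An Internet-Draft, recorded in the same shape as SPKI06. Internet-Drafts
% expire, so the URL in the note may no longer resolve.
@misc{farrell98,
  author = {S.~Farrell},
  title = {{TLS Extension for Attribute Certificate Based Authorization}},
  howpublished = {Internet Draft (work in progress)},
  note = {Available at \code{http://www.ietf.org/internet-drafts/draft-ietf-tls-attr-cert-01.txt}},
  month = aug,
  year = {1998},
}

@misc{FH01,
  author = {Stephen Farrell and Russell Housley},
  title = {An {Internet} Attribute Certificate Profile for Authorization},
  month = jun,
  year = {2001},
  howpublished = {PKIX Working Group, Internet Draft},
}

@misc{Fin96,
  author = {Hal Finney},
  title = {Transitive Trust and {MLM}},
  howpublished = {Post to cypherpunks mailing list, archived at \code{http://www.inet-one.com/cypherpunks/\mbox{dir.1996.05.02-1996.05.08}/msg00415.html}},
  month = may,
  year = {1996},
}

% NOTE(review): SSL 3.0 is a historical protocol reference; it has since
% been deprecated by the IETF (RFC 7568).
@manual{SSL,
  author = {A.~Frier and P.~Karlton and P.~Kocher},
  title = {{The SSL 3.0 Protocol}},
  organization = {Netscape Communications Corp.},
  month = nov,
  year = {1996},
}

@inproceedings{FSSF00,
  author = {Kevin Fu and Emil Sit and Kendra Smith and Nick Feamster},
  title = {Dos and Don'ts of Client Authentication on the Web},
  booktitle = {10th USENIX Security Symposium},
  month = aug,
  year = {2000},
  paddress = {Washington D.C.},
}

@inproceedings{GI97,
  author = {Luigi Giuri and Pietro Iglio},
  title = {Role Templates for Content-based Access Control},
  booktitle = {Proceedings of the Second ACM Workshop on Role-Based Access Control (RBAC'97)},
  paddress = {},
  month = nov,
  year = {1997},
  pages = {153--159},
}

@inproceedings{GrDe72,
  author = {G. Scott Graham and Peter J. Denning},
  title = {Protection - Principles and Practice},
  booktitle = {Proceedings of the AFIPS Spring Joint Computer Conference},
  volume = {40},
  pages = {417--429},
  year = {1972},
  caddress = {Atlantic City, New Jersey},
  month = may # " 16--18",
  publisher = {AFIPS Press},
  paddress = {210 Summit Avenue, Montvale, New Jersey 07645},
}

@book{GHR95,
  author = {Raymond Greenlaw and H. James Hoover and Walter L. Ruzzo},
  title = {Limits to Parallel Computation: {P}-Completeness Theory},
  year = {1995},
  publisher = {Oxford University Press},
}

@inproceedings{GSS01,
  author = {Martin Grohe and Thomas Schwentick and Luc Segoufin},
  title = {When is the evaluation of conjunctive queries tractable?},
  booktitle = {Proceedings of the 33rd Annual Symposium on Theory of Computing (STOC'01)},
  month = jul,
  year = {2001},
  pages = {657--666},
}

@article{GJ00,
  author = {Carl A. Gunter and Trevor Jim},
  title = {Policy-directed Certificate Retrieval},
  journal = {Software: Practice \& Experience},
  year = {2000},
  volume = {30},
  number = {15},
  pages = {1609--1640},
  month = sep,
}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% H

@article{HvdM01a,
  author = {Joseph Halpern and Ron van der Meyden},
  title = {A logic for {SDSI}'s linked local name spaces},
  journal = {Journal of Computer Security},
  volume = {9},
  number = {1--2},
  year = {2001},
  pages = {47--74},
}

@inproceedings{HvdM01b,
  author = {Joseph Halpern and Ron van der Meyden},
  title = {A logical reconstruction of {SPKI}},
  booktitle = {Proceedings of the 14th IEEE Computer Security Foundations Workshop},
  month = jun,
  year = {2001},
  publisher = {IEEE Computer Society Press},
  pages = {59--70},
}

@article{HRU76,
  author = {Michael A. Harrison and Walter L. Ruzzo and Jeffrey D. Ullman},
  title = {Protection in Operating Systems},
  journal = {Communications of the ACM},
  volume = {19},
  number = {8},
  year = {1976},
  month = aug,
  pages = {461--471},
}

@inproceedings{HMMNR00,
  author = {Amir Herzberg and Yosi Mass and Joris Mihaeli and Dalit Naor and Yiftach Ravid},
  title = {Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers},
  booktitle = {Proceedings of the 2000 IEEE Symposium on Security and Privacy},
  paddress = {Los Alamitos, CA},
  month = may,
  year = {2000},
  publisher = {IEEE Computer Society Press},
  pages = {2--14},
  url = {http://www.hrl.il.ibm.com/TrustEstablishment/paper.pdf},
}

@inproceedings{HM01,
  author = {A.~Herzberg and Y.~Mass},
  title = {{Relying Party Credentials Framework}},
  booktitle = {The Cryptographer's Track at RSA Conference},
  month = apr,
  year = {2001},
  address = {San Francisco, CA},
}

@article{HM02,
  author = {Amir Herzberg and Yosi Mass},
  title = {Relying Party Credential Framework},
  journal = {Electronic Commerce Research Journal},
  note = {To Appear in Special Issue on Security Aspects in E-Commerce},
  year = {2002},
}

@inproceedings{HJMWSS02,
  author = {Adam Hess and Jared Jacobson and Hyrum Mills and Ryan Wamsley and Kent E. Seamons and Bryan Smith},
  title = {Advanced Client/Server Authentication in {TLS}},
  booktitle = {Network and Distributed System Security Symposium},
  month = feb,
  pages = {203--214},
  year = {2002},
}

% NOTE(review): RFC 2459 was later obsoleted by RFC 3280 and then RFC 5280;
% cite the current profile when describing present-day certificate and CRL
% validation.
@misc{RFC2459,
  author = {Russell Housley and Warwick Ford and Tim Polk and David Solo},
  title = {{Internet X.509 Public Key Infrastructure Certificate and CRL Profile}},
  year = {1999},
  month = jan,
  howpublished = {IETF RFC 2459},
  url = {http://www.ietf.org/rfc/rfc2459.txt},
}

@phdthesis{How00,
  author = {Jonathan R. Howell},
  title = {Naming and sharing resources across administrative boundaries},
  school = {Dartmouth College},
  month = may,
  year = {2000},
}

@inproceedings{HK00,
  author = {Jonathan R. Howell and David Kotz},
  title = {A Formal Semantics for {SPKI}},
  booktitle = {Proceedings of the Sixth European Symposium on Research in Computer Security (ESORICS 2000)},
  pages = {140--158},
  month = oct,
  year = {2000},
  publisher = {Springer},
}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% I

@article{iajr97,
  author = {N.~Islam and R.~Anand and T.~Jaeger and J.~R.~Rao},
  title = {{A Flexible Security System for Using Internet Content}},
  journal = {IEEE Software},
  volume = {14},
  number = {5},
  month = sep,
  year = {1997},
}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% J

@inproceedings{JSS97,
  author = {Sushil Jajodia and Pierangela Samarati and V. S. Subrahmanian},
  title = {A Logical Language for Expressing Authorizations},
  booktitle = {Proceedings of the 1997 IEEE Symposium on Security and Privacy},
  pages = {31--42},
  publisher = {IEEE Computer Society Press},
  year = {1997},
  url = {http://www.isse.gmu.edu/~csis/publications/oak97-jss.ps},
}

@inproceedings{JSSB97,
  author = {Sushil Jajodia and Pierangela Samarati and V. S. Subrahmanian and Elisa Bertino},
  title = {A Unified Framework for Enforcing Multiple Access Control Policies},
  booktitle = {Proceedings of ACM SIGMOD International Conference on Management of Data},
  pages = {474--485},
  year = {1997},
  url = {http://www.isse.gmu.edu/~csis/publications/sigmod97.ps},
}

@inproceedings{JR02,
  author = {Somesh Jha and Thomas Reps},
  title = {Analysis of {SPKI/SDSI} Certificates Using Model Checking},
  booktitle = {Proceedings of the 15th IEEE Computer Security Foundations Workshop},
  pages = {129--144},
  publisher = {IEEE Computer Society Press},
  month = jun,
  year = {2002},
}

@inproceedings{Jim01,
  author = {Trevor Jim},
  title = {{SD3}: A Trust Management System with Certified Evaluation},
  booktitle = {Proceedings of the 2001 IEEE Symposium on Security and Privacy},
  paddress = {Los Alamitos, CA},
  month = may,
  year = {2001},
  publisher = {IEEE Computer Society Press},
  pages = {106--115},
}

@inproceedings{JMT98,
  author = {W.~Johnson and S.~Mudumbai and M.~Thompson},
  title = {{Authorization and Attribute Certificates for Widely Distributed Access Control}},
  booktitle = {IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises},
  year = {1998},
}

@article{Ken93,
  author = {Stephen T. Kent},
  title = {Internet Privacy Enhanced Mail},
  journal = {Communications of the ACM},
  volume = {36},
  number = {8},
  pages = {48--60},
  month = aug,
  year = {1993},
}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% L

@article{LABW92,
  author = {Butler Lampson and Mart{\'\i}n Abadi and Michael Burrows and Edward Wobber},
  title = {Authentication in Distributed Systems: Theory and Practice},
  journal = {ACM Transactions on Computer Systems},
  year = {1992},
  month = nov,
  annote = {describe a logic for authentication (with delegation, roles and trust hierarchies) and access control and show how to apply the ideas in a distributed systems (interesting)},
  number = {4},
  pages = {265--310},
  volume = {10},
}

@inproceedings{Lam71,
  author = {Butler W. Lampson},
  title = {Protection},
  booktitle = {Proceedings of the 5th Princeton Conference on Information Sciences and Systems},
  year = {1971},
  note = {Reprinted in ACM Operating Systems Review, 8(1):18--24, Jan 1974},
}

@article{LS77,
  author = {Richard J. Lipton and Lawrence Snyder},
  title = {A Linear Time Algorithm for Deciding Subject Security},
  journal = {Journal of ACM},
  volume = {24},
  number = {3},
  pages = {455--464},
  year = {1977},
}

@misc{XD1LP,
  author = {Ninghui Li},
  title = {{XD1LP}: An Implementation of {D1LP} in {XSB}},
  note = {\code{http://cs.nyu.edu/ninghui/xd1lp/}},
}

@phdthesis{LiThesis,
  author = {Ninghui Li},
  title = {Delegation Logic: A Logic-based Approach to Distributed Authorization},
  school = {New York University},
  month = sep,
  year = {2000},
}

@inproceedings{Li00,
  author = {Ninghui Li},
  title = {Local Names in {SPKI/SDSI}},
  booktitle = {Proceedings of the 13th IEEE Computer Security Foundations Workshop},
  paddress = {Los Alamitos, CA},
  month = jul,
  year = {2000},
  publisher = {IEEE Computer Society Press},
  pages = {2--15},
  url = {http://cs.nyu.edu/ninghui/papers/csfw13.pdf},
}

@inproceedings{LFG99,
  author = {Ninghui Li and Joan Feigenbaum and Benjamin N. Grosof},
  title = {A Logic-based Knowledge Representation for Authorization with Delegation (Extended Abstract)},
  booktitle = {Proceedings of the 1999 IEEE Computer Security Foundations Workshop},
  publisher = {IEEE Computer Society Press},
  pages = {162--174},
  month = jun,
  year = {1999},
}

@inproceedings{LGF00,
  author = {Ninghui Li and Benjamin N. Grosof and Joan Feigenbaum},
  title = {A Practically Implementable and Tractable {Delegation Logic}},
  booktitle = {Proceedings of the 2000 IEEE Symposium on Security and Privacy},
  paddress = {Los Alamitos, CA},
  month = may,
  year = {2000},
  publisher = {IEEE Computer Society Press},
  pages = {27--42},
  url = {http://crypto.stanford.edu/~ninghui/papers/s&p00.pdf},
}

@article{LGF03,
  author = {Ninghui Li and Benjamin N. Grosof and Joan Feigenbaum},
  title = {{Delegation Logic}: A Logic-based Approach to Distributed Authorization},
  journal = {ACM Transactions on Information and System Security (TISSEC)},
  volume = {6},
  number = {1},
  month = feb,
  pages = {128--171},
  year = {2003},
}

@inproceedings{LF01,
  author = {Ninghui Li and Joan Feigenbaum},
  title = {Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation (Position Paper)},
  booktitle = {Proceedings of the 5th International Conference on Financial Cryptography (FC'01)},
  pages = {166--177},
  series = {Lecture Notes in Computer Science},
  number = {2339},
  publisher = {Springer},
  year = {2002},
}

@inproceedings{LMW02,
  author = {Ninghui Li and John C. Mitchell and William H. Winsborough},
  title = {Design of a Role-Based Trust Management Framework},
  booktitle = {Proceedings of the 2002 IEEE Symposium on Security and Privacy},
  publisher = {IEEE Computer Society Press},
  month = may,
  pages = {114--130},
  year = {2002},
}

@inproceedings{LWM01old,
  author = {Ninghui Li and William H. Winsborough and John C. Mitchell},
  title = {Distributed Credential Chain Discovery in Trust Management (Extended Abstract)},
  booktitle = {Proceedings of the Eighth ACM Conference on Computer and Communications Security (CCS-8)},
  publisher = {ACM Press},
  month = nov,
  year = {2001},
  pages = {156--165},
}

@article{LWM03a,
  author = {Ninghui Li and William H. Winsborough and John C. Mitchell},
  title = {Distributed Credential Chain Discovery in Trust Management},
  journal = {Journal of Computer Security},
  volume = {11},
  number = {1},
  pages = {35--86},
  month = feb,
  year = {2003},
  comment = {Extended abstract appeared in \emph{Proceedings of the Eighth ACM Conference on Computer and Communications Security}, November 2001.},
}

@inproceedings{LWM03b,
  author = {Ninghui Li and William H. Winsborough and John C. Mitchell},
  title = {Beyond Proof-of-compliance: Safety and Availability Analysis in Trust Management},
  booktitle = {Proceedings of IEEE Symposium on Security and Privacy},
  publisher = {IEEE Computer Society Press},
  month = may,
  year = {2003},
  pages = {123--139},
}

@inproceedings{LM03a,
  author = {Ninghui Li and John C. Mitchell},
  title = {Datalog with Constraints: A Foundation for Trust Management Languages},
  booktitle = {Proceedings of the Fifth International Symposium on Practical Aspects of Declarative Languages (PADL 2003)},
  month = jan,
  year = {2003},
  pages = {58--73},
  publisher = {Springer},
}

@inproceedings{LM03b,
  author = {Ninghui Li and John C. Mitchell},
  title = {{RT}: A Role-based Trust-management Framework},
  booktitle = {The Third DARPA Information Survivability Conference and Exposition (DISCEX III)},
  publisher = {IEEE Computer Society Press},
  month = apr,
  year = {2003},
}

@misc{Lietal02,
  author = {Ninghui Li and John C. Mitchell and Yu Qiu and William H. Winsborough and Kent E. Seamons and Michael Halcrow and Jared Jacobson},
  title = {{RTML: A Role-based Trust-management Markup Language}},
  month = aug,
  year = {2002},
  note = {Unpublished manuscript. Available at \code{http://crypto.stanford.edu/\ensuremath{\sim}ninghui/papers/rtml.pdf}.},
}

@inproceedings{LS97,
  author = {Emil C. Lupu and Morris Sloman},
  title = {Reconciling Role Based Management and Role Based Access Control},
  booktitle = {Proceedings of the Second ACM Workshop on Role-Based Access Control (RBAC'97)},
  month = nov,
  year = {1997},
  pages = {135--141},
}

@article{LS99,
  author = {Emil C. Lupu and Morris Sloman},
  title = {Conflict in Policy-based Distributed Systems Management},
  journal = {IEEE Transactions on Software Engineering -- Special Issue on Inconsistency Management},
  volume = {25},
  number = {6},
  pages = {852--869},
  month = nov # "/" # dec,
  year = {1999},
  url = {http://www-dse.doc.ic.ac.uk/~ecl1/papers/TSE/web.pdf},
}

@inproceedings{Mau96,
  author = {Ueli Maurer},
  title = {Modelling a Public-Key Infrastructure},
  booktitle = {Proceedings of the 1996 European Symposium on Research in Computer Security},
  series = {Lecture Notes in Computer Science},
  volume = {1146},
  pages = {325--350},
  publisher = {Springer},
  paddress = {Berlin},
  year = {1997},
  url = {ftp://ftp.inf.ethz.ch/pub/publications/papers/ti/isc/Pub_Key_Model.ps.gz},
}

@article{NT94,
  author = {B. Clifford Neuman and Theodore Ts'o},
  title = {Kerberos: An authentication service for computer networks},
  journal = {IEEE Communications Magazine},
  pages = {33--38},
  month = sep,
  year = {1994},
}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% P

@inproceedings{PS99,
  author = {Joon S. Park and Ravi Sandhu},
  title = {Smart Certificates: Extending {X.509} for Secure Attribute Services on the Web},
  booktitle = {Proceedings of the 22nd National Information Systems Security Conference},
  year = {1999},
  month = oct,
}

@article{PS00,
  author = {Joon S. Park and Ravi Sandhu},
  title = {Secure Cookies on the Web},
  journal = {IEEE Internet Computing},
  volume = {4},
  number = {4},
  pages = {36--44},
  month = jul # "/" # aug,
  year = {2000},
}

@inproceedings{PS01,
  author = {Najam Perwaiz and Ian Sommerville},
  title = {Structured Management of Role-Permission Relationships},
  booktitle = {Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies (SACMAT'01)},
  publisher = {ACM Press},
  paddress = {},
  month = may,
  year = {2001},
  pages = {163--169},
}

@inproceedings{PV00,
  author = {Pino Persiano and Ivan Visconti},
  title = {User Privacy Issues Regarding Certificates and the {TLS} Protocol},
  booktitle = {Proceedings of the 7th ACM Conference on Computer and Communications Security},
  publisher = {ACM Press},
  paddress = {},
  month = nov,
  year = {2000},
  pages = {53--62},
}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% R

@article{RRSTW99,
  author = {I. V. Ramakrishnan and Prasad Rao and Konstantinos Sagonas and Terrance Swift and David S. Warren},
  title = {Efficient Access Mechanisms for Tabled Logic Programs},
  journal = {Journal of Logic Programming},
  year = {1999},
  volume = {38},
  number = {1},
  pages = {31--55},
  month = jan,
}

% An Internet-Draft, recorded in the same shape as SPKI06. Internet-Drafts
% expire, so the URL in the note may no longer resolve.
@misc{https,
  author = {Eric Rescorla},
  title = {{HTTP Over TLS}},
  howpublished = {Internet Draft (work in progress)},
  note = {Available at \code{http://www.ietf.org/proceedings/99jul/I-D/draft-ietf-tls-https-02.txt}},
  month = sep,
  year = {1998},
}

@book{Res01,
  author = {Eric Rescorla},
  title = {{SSL} and {TLS}: Designing and Building Secure Systems},
  publisher = {Addison-Wesley},
  year = {2001},
}

@article{RM96,
  author = {Paul Resnick and James Miller},
  title = {{PICS}: Internet Access Controls without Censorship},
  journal = {Communications of the ACM},
  volume = {39},
  number = {10},
  pages = {87--93},
  month = oct,
  year = {1996},
  url = {http://www.bilkent.edu.tr/pub/WWW/PICS/iacwc.htm},
}

@misc{RL96,
  author = {Ronald L. Rivest and Butler Lampson},
  title = {{SDSI} --- A Simple Distributed Security Infrastructure},
  month = oct,
  year = {1996},
  note = {Available at \code{http://theory.lcs.mit.edu/\ensuremath{\sim}rivest/sdsi11.html}},
}

@inproceedings{RN00,
  author = {Tatyana Ryutov and Clifford Neuman},
  title = {Representation and Evaluation of Security Policies for Distributed System Services},
  booktitle = {Proceedings of the 2000 DARPA Information Survivability Conference and Exposition},
  publisher = {IEEE Computer Society Press},
  month = jan,
  year = {2000},
  url = {http://www.isi.edu/~tryutov/papers/discex2000.pdf},
}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% S

@article{San88,
  author = {Ravi S. Sandhu},
  title = {{The Schematic Protection Model}: Its Definition and Analysis for Acyclic Attenuating Systems},
  journal = {Journal of ACM},
  volume = {35},
  number = {2},
  pages = {404--432},
  year = {1988},
}

@inproceedings{San92,
  author = {Ravi S. Sandhu},
  title = {The Typed Access Matrix Model},
  booktitle = {Proceedings of the 1992 {IEEE} Symposium on Security and Privacy},
  pages = {122--136},
  publisher = {{IEEE} Computer Society Press},
  paddress = {Los Alamitos, California},
  month = may,
  year = {1992},
}

@article{SCFY96,
  author = {Ravi S. Sandhu and Edward J. Coyne and Hal L. Feinstein and Charles E. Youman},
  title = {Role-Based Access Control Models},
  journal = {IEEE Computer},
  year = {1996},
  OPTkey = {},
  volume = {29},
  number = {2},
  pages = {38--47},
  month = feb,
  OPTnote = {},
  OPTannote = {},
}

@inproceedings{SWY01,
  author = {Kent E. Seamons and Marianne Winslett and Ting Yu},
  title = {Limiting the Disclosure of Access Control Policies During Automated Trust Negotiation},
  booktitle = {Proceedings of the Symposium on Network and Distributed System Security (NDSS'01)},
  caddress = {San Diego},
  month = feb,
  year = {2001},
}

@inproceedings{SWYYJ02,
  author = {Kent E. Seamons and Marianne Winslett and Ting Yu and Lina Yu and Ryan Jarvis},
  title = {Protecting Privacy During On-line Trust Negotiation},
  booktitle = {2nd Workshop on Privacy Enhancing Technologies},
  publisher = {Springer-Verlag},
  month = apr,
  year = {2002},
}

@inproceedings{SWYSCJMY02,
  author = {Kent E. Seamons and Marianne Winslett and Ting Yu and Bryan Smith and Evan Child and Jared Jacobson and Hyrum Mills and Lina Yu},
  title = {Requirements for Policy Languages for Trust Negotiation},
  booktitle = {Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks (Policy 2002)},
  publisher = {IEEE Computer Society Press},
  pages = {68--79},
  month = jun,
  year = {2002},
}

@inproceedings{SZ97,
  author = {Richard T. Simon and Mary Ellen Zurko},
  title = {Separation of Duty in Role-Based Environments},
  booktitle = {Proceedings of The 10th Computer Security Foundations Workshop},
  publisher = {IEEE Computer Society Press},
  month = jun,
  year = {1997},
  pages = {183--194},
}

@article{Sny81,
  author = {Lawrence Snyder},
  title = {Formal Models of Capability-Based Protection Systems},
  journal = {IEEE Transactions on Computers},
  volume = {C-30},
  number = {3},
  month = mar,
  year = {1981},
  pages = {172--181},
}

@inproceedings{Sut86,
  author = {David Sutherland},
  title = {A Model of Information},
  booktitle = {Proceedings of the 9th National Computer Security Conference},
  pages = {175--183},
  month = sep,
  year = {1986},
}

@misc{TNH+02,
  author = {Brian Tung and Clifford Neuman and Matthew Hur and Ari Medvinsky and Sasha Medvinsky and John Wray and Jonathan Trostle},
  title = {Public Key Cryptography for Initial Authentication in {Kerberos}},
  howpublished = {Internet Draft, expires March 2002},
  note = {draft-ietf-cat-kerberos-pk-init-16.txt},
}

@book{Ull89,
  author = {Jeffrey D. Ullman},
  title = {Principles of Database and Knowledge-Base Systems},
  year = {1989},
  volume = {2},
  publisher = {Computer Science Press},
}

@book{UW97,
  author = {Jeffrey D. Ullman and Jennifer Widom},
  title = {A First Course in Database Systems},
  year = {1997},
  publisher = {Prentice Hall},
}

@article{WCJS97,
  author = {M.~Winslett and N.~Ching and V.~Jones and I.~Slepchin},
  title = {{Using Digital Credentials on the World-Wide Web}},
  journal = {Journal of Computer Security},
  year = {1997},
  pages = {255--267},
}

% NOTE(review): Winsl_etal02 and Winsletal02 (further down) describe the same
% article; both keys are kept because either may be cited. Keep the two
% entries in step if one is edited.
@article{Winsl_etal02,
  author = {Marianne Winslett and Ting Yu and Kent E. Seamons and Adam Hess and Jared Jacobson and Ryan Jarvis and Bryan Smith and Lina Yu},
  title = {Negotiating Trust on the Web},
  journal = {IEEE Internet Computing},
  volume = {6},
  number = {6},
  month = nov # "/" # dec,
  year = {2002},
  pages = {30--37},
}

@inproceedings{WSJ00,
  author = {William H. Winsborough and Kent E. Seamons and Vicki E. Jones},
  title = {Automated Trust Negotiation},
  booktitle = {DARPA Information Survivability Conference and Exposition},
  pages = {88--102},
  volume = {I},
  year = {2000},
  month = jan,
  publisher = {IEEE Press},
}

@inproceedings{WL02a,
  author = {William H. Winsborough and Ninghui Li},
  title = {Towards Practical Automated Trust Negotiation},
  booktitle = {Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks (Policy 2002)},
  year = {2002},
  pages = {92--103},
  month = jun,
  publisher = {IEEE Computer Society Press},
}

@inproceedings{WL02b,
  author = {William H. Winsborough and Ninghui Li},
  title = {Protecting Sensitive Attributes in Automated Trust Negotiation},
  booktitle = {Proceedings of the ACM Workshop on Privacy in the Electronic Society},
  month = nov,
  year = {2002},
  pages = {41--51},
  publisher = {ACM Press},
}

@inproceedings{Wee01,
  author = {Stephen Weeks},
  title = {Understanding Trust Management Systems},
  booktitle = {Proceedings of 2001 IEEE Symposium on Security and Privacy},
  year = {2001},
  month = may,
  publisher = {IEEE Computer Society Press},
  pages = {94--105},
}

@article{WL93,
  author = {Thomas Y. C. Woo and Simon S. Lam},
  title = {Authorization in Distributed Systems: A New Approach},
  journal = {Journal of Computer Security},
  volume = {2},
  number = {2/3},
  pages = {107--136},
  year = {1993},
  url = {ftp://ftp.cs.utexas.edu/pub/lam/final-1.ps.gz},
}

@inproceedings{WL98,
  author = {Thomas Y. C. Woo and Simon S. Lam},
  title = {Designing a Distributed Authorization Service},
  booktitle = {Proceedings of IEEE INFOCOM '98},
  month = mar,
  year = {1998},
  pages = {419--429},
  url = {ftp://ftp.cs.utexas.edu/pub/lam/info98b.ps.gz},
}

% Same article as Winsl_etal02 above; see the note there.
@article{Winsletal02,
  author = {Marianne Winslett and Ting Yu and Kent E. Seamons and Adam Hess and Jared Jacobson and Ryan Jarvis and Bryan Smith and Lina Yu},
  title = {Negotiating Trust on the Web},
  journal = {IEEE Internet Computing},
  pages = {30--37},
  volume = {6},
  number = {6},
  month = nov # "/" # dec,
  year = {2002},
}

@inproceedings{YMW00,
  author = {Ting Yu and Xiaosong Ma and Marianne Winslett},
  title = {{PRUNES}: An Efficient and Complete Strategy for Trust Negotiation over the Internet},
  booktitle = {Proceedings of the 7th ACM Conference on Computer and Communications Security (CCS-7)},
  pages = {210--219},
  month = nov,
  year = {2000},
  publisher = {ACM Press},
}

@inproceedings{YW03,
  author = {Ting Yu and Marianne Winslett},
  title = {Unified Scheme for Resource Protection in Automated Trust Negotiation},
  booktitle = {Proceedings of IEEE Symposium on Security and Privacy},
  pages = {110--122},
  publisher = {IEEE Computer Society Press},
  caddress = {Oakland},
  month = may,
  year = {2003},
}

@inproceedings{YWS01,
  author = {Ting Yu and Marianne Winslett and Kent E. Seamons},
  title = {Interoperable Strategies in Automated Trust Negotiation},
  booktitle = {Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS-8)},
  publisher = {ACM Press},
  pages = {146--155},
  month = nov,
  year = {2001},
}

% NOTE(review): the notes field below is not read by standard styles (the
% standard name is note); rename it if the text is meant to print.
@article{YWS03,
  author = {Ting Yu and Marianne Winslett and Kent E. Seamons},
  title = {Supporting Structured Credentials and Sensitive Policies through Interoperable Strategies for Automated Trust Negotiation},
  journal = {ACM Transactions on Information and System Security (TISSEC)},
  volume = {6},
  number = {1},
  month = feb,
  year = {2003},
  pages = {1--42},
  notes = {Preliminary version appeared in ACM Conference on Computer and Communication Security (CCS-8), 2001},
}

@inproceedings{ZAC01,
  author = {Longhua Zhang and Gail-Joon Ahn and Bei-Tseng Chu},
  title = {A Rule-Based Framework for Role-Based Delegation},
  booktitle = {Proceedings of the Sixth ACM Symposium on Access control models and technologies (SACMAT'01)},
  publisher = {ACM Press},
  month = jun,
  year = {2001},
  pages = {153--162},
}

% Corporate authors are double-braced so they are treated as one name.
@misc{XSB,
  author = {{The XSB Research Group}},
  title = {The {XSB} Programming System},
  note = {\code{http://xsb.sourceforge.net/}},
}

@misc{P3P,
  author = {{WWW Consortium}},
  title = {{Platform for Privacy Preferences (P3P) Project}},
  note = {\code{http://www.w3.org/P3P/}},
}

@misc{APPEL,
  author = {Marc Langheinrich},
  title = {{A P3P Preference Exchange Language 1.0 (APPEL1.0)}},
  howpublished = {W3C Working Draft},
  month = apr,
  year = {2002},
  url = {http://www.w3.org/TR/P3P-preferences},
}

@book{X509, author = "ITU-T Rec. 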
X.509 (revised)", title = "The {Directory} - Authentication Framework", publisher = "International Telecommunication Union", year = "1993", } @Manual{X.509y97, title ="{Rec.~X.509 - Information Technology - Open Systems Interconnection - The Directory: Authentication Framework}", Organization = "International Telecommunication Union", month= aug, year = 1997, } @misc{SAML, author = "Phillip Hallam-Baker and Eve Maler", title = "Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML)", howpublished = "OASIS Committee Specification", month = may, year = "2002", } @misc{XACML, author = "XACML TC", title = "OASIS eXtensible Access Control Markup Language (XACML)", howpublished = "http://www.oasis-open.org/committees/xacml/", } @InProceedings{LiDuBo03, author = "Ninghui Li and Wenliang Du and Dan Boneh", title = "Oblivious Signature-Based Envelope", booktitle = "Proceedings of the 22nd ACM Symposium on Principles of Distributed Computing (PODC 2003)", month = jul, year = "2003", publisher = "ACM Press", }