By Topic

Foundations of Logic-Based Trust Management

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

The purchase and pricing options are temporarily unavailable. Please try again later.
3 Author(s)
Becker, M.Y. ; Microsoft Res., Cambridge, UK ; Russo, A. ; Sultana, N.

Over the last 15 years, many policy languages have been developed for specifying policies and credentials under the trust management paradigm. What has been missing is a formal semantics - in particular, one that would capture the inherently dynamic nature of trust management, where access decisions are based on the local policy in conjunction with varying sets of dynamically submitted credentials. The goal of this paper is to rest trust management on a solid formal foundation. To this end, we present a model theory that is based on Kripke structures for counterfactual logic. The semantics enjoys compositionality and full abstraction with respect to a natural notion of observational equivalence between trust management policies. Furthermore, we present a corresponding Hilbert-style axiomatization that is expressive enough for reasoning about a system's observables on the object level. We describe an implementation of a mechanization of the proof theory, which can be used to prove non-trivial meta-theorems about trust management systems, as well as analyze probing attacks on such systems. Our benchmark results show that this logic-based approach performs significantly better than the only previously available, ad-hoc analysis method for probing attacks.

Published in:

Security and Privacy (SP), 2012 IEEE Symposium on

Date of Conference:

20-23 May 2012