Effective trust management through a hybrid logical and relational approach

Adam J. Lee, Ting Yu, Yann Le Gall
2010 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security - ASIACCS '10  
Despite a plethora of recent research regarding trust management approaches to authorization, relatively little attention has been given to exactly how these technologies can be effectively deployed. In this paper, we investigate one way in which well-established logical trust management systems described in the literature can be deployed within enterprise environments. Specifically, we develop a framework within which logical trust management policies can be managed using a relational DBMS. We describe a correct and complete procedure for compiling CTM credentials into dynamic views within a database, and show how the resulting system can be used to perform role membership checks or to enumerate the members of a given role. We then propose a hybrid algorithm that leverages the logical ruleset and the underlying DBMS to efficiently enumerate the capabilities ascribed to a given user. We also present an evaluation of a prototype implementation of our framework that demonstrates the practicality of our approach. As CTM extends the RT family of trust management languages, which are representative of a large class of Datalog-based trust management systems, our work is likely generalizable to other trust management approaches.
doi:10.1145/1755688.1755710 dblp:conf/ccs/LeeYG10 fatcat:2aek5ng5drhwhk4e5pwjfb55te