ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
A calculus for access control in distributed systems
Full text PdfPdf (1.94 MB)
Source ACM Transactions on Programming Languages and Systems (TOPLAS) archive
Volume 15 ,  Issue 4  (September 1993) table of contents
Pages: 706 - 734  
Year of Publication: 1993
ISSN:0164-0925
Authors
Martín Abadi  Digital Equipment Corp., Palo Alto, CA
Michael Burrows  Digital Equipment Corp., Palo Alto, CA
Butler Lampson  Digital Equipment Corp., Palo Alto, CA
Gordon Plotkin  Univ. of Edinburgh, Edinburgh, Scotland, UK
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 40,   Downloads (12 Months): 261,   Citation Count: 78
Additional Information:

abstract   references   cited by   index terms   review   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/155183.155225
What is a DOI?

ABSTRACT

We study some of the concepts, protocols, and algorithms for access control in distributed systems, from a logical perspective. We account for how a principal may come to believe that another principal is making a request, either on his own or on someone else's behalf. We also provide a logical language for accesss control lists and theories for deciding whether requests should be granted.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Martín Abadi , Gordon D. Plotkin, A logical view of composition, Theoretical Computer Science, v.114 n.1, p.3-30, June 14 1993
 
2
Martín Abadi , Michael Burrows , C. Kaufman , Butler W. Lampson, Authentication and Delegation with Smart-cards, Proceedings of the International Conference on Theoretical Aspects of Computer Software, p.326-345, September 24-27, 1991
 
3
ANDR~KA, H. Representations of distributive lattice-ordered semigroups with binary relations. Manuscript, Aug. 1989.
 
4
BURROWS, M., ABADI, M., AND NEEDHAM, R.M. A logic of authentication. Proceedmgs of the Royal Society of London A 326 (1989), 233-271.
 
5
CCITT. CCITT Blue Book, Recommendation X.509 and ISO 9594-8: The directoryauthentication framework. Geneva, March 1988.
6
Ashok K. Chandra , Dexter C. Kozen , Larry J. Stockmeyer, Alternation, Journal of the ACM (JACM), v.28 n.1, p.114-133, Jan. 1981  [doi>10.1145/322234.322243]
 
7
DAM, M. Relevance logic and concurrent computation. In Proceedings of the Thwd IEEE Symposium on Log~e ~n Computer Science (July 1988), 178-185.
 
8
NATIONAL BUREAU OF STANDARDS. Data Encryption Standard. Fed. Inform. Processing Standards Pub. 46. Washington D.C , Jan. 1977.
 
9
D~Frm, W., AND HELLMAN, M. New directions m cryptography. IEEE Trans. Inf. Theor. IT-22, 6 (Nov. 1976), 644 654.
10
R. S. Fabry, Capability-based addressing, Communications of the ACM, v.17 n.7, p.403-412, July 1974  [doi>10.1145/361011.361070]
 
11
GASSER, M., GOLDSTEIN, A., KAUFMAN, C., AND LAMPSON, B. The Digital Distrihuted System Security Architecture. In Proceedzngs of thc 1989 Natwnal Computer Secumty Conference (Oct. 1989), 305-319.
 
12
(~'ASSER, M., AND i\~CDERMOTT, E. An architecture for practical delegation in a distributed system. In Proceedmgs of the 1990 IEEE Symposium on Secumty and Prwacy (May 1990), 20 30
 
13
Jean-Yves Girard, Linear logic, Theoretical Computer Science, v.50 n.1, p.1-102, Jan. 30, 1987  [doi>10.1016/0304-3975(87)90045-4]
 
14
HUGttES, G E , AND CRESSWELL, NI J An Introduction to Modal Logtc. Methuen, New York, 1968.
 
15
KOHL, J., NEUMAN, C., AND STEINER, J. The Kerberos network authentieation service (version 5, draft 3). Available by anonymous FTP from athena-dist.mit.edu, as /pub/doc/kerberos/V5DRAFT3-RFC.{PS,TXT}, Oct. 1990.
 
16
KOZEN, D A completeness theorem for Kleene algebras and the algebra of regular events. Cornell TR90-1123, May 1990.
17
Butler Lampson , Martín Abadi , Michael Burrows , Edward Wobber, Authentication in distributed systems: theory and practice, ACM Transactions on Computer Systems (TOCS), v.10 n.4, p.265-310, Nov. 1992  [doi>10.1145/138873.138874]
 
18
Henry M. Levy, Capability-Based Computer Systems, Butterworth-Heinemann, Newton, MA, 1984
 
19
MILLEa, S P., NEUMAN, C., SCHILLER, J.I.~ AND SALTZER, J.H. Kerberos authentication and authorization system. In Projcct Athena Techmcal Plan, Section E.2.1, MIT, July 1987.
20
Roger M. Needham , Michael D. Schroeder, Using encryption for authentication in large networks of computers, Communications of the ACM, v.21 n.12, p.993-999, Dec. 1978  [doi>10.1145/359657.359659]
 
21
Vaughan Pratt, Dynamic algebras as a well-behaved fragment of relation algebras, Proceedings of the international conference on cryptology on Algebraic logic and universal algebra in computer science, September 1990, Sydney, Australia
22
R. L. Rivest , A. Shamir , L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, v.21 n.2, p.120-126, Feb. 1978  [doi>10.1145/359340.359342]
 
23
SALTZER, J., AND SCHROEDER, ~/i. The protection of information in computer systems. Proc. IEEE ~3, 9 (Sept. 1975), 1278 1308.
 
24
SOLLTNS, K Cascaded authentlcat~on. In Pvoceedmgs of the 1988 IEEE Symposium o~ Securzty and Pr~vacy (April 1988), 156-163.
 
25
VICKERS, S. Samson Abramsky on linear process logics. Foundatlon Workshop Notes, Oct - Nov. 1988.
 
26
YETTER, D N.Quantales and (noncommutatlve) linear logic. J. Symb Log~e 55, 1 (March 1990), 41 64.

CITED BY  78
Olga Pacheco , José Carmo, A Role Based Model for the Normative Specification of Organized Collective Agency and Agents Interaction, Autonomous Agents and Multi-Agent Systems, v.6 n.2, p.145-184, March 2003
Andrew W. Appel , Edward W. Felten, Proof-carrying authentication, Proceedings of the 6th ACM conference on Computer and communications security, p.52-62, November 01-04, 1999, Kent Ridge Digital Labs, Singapore
Pierangela Samarati , Michael K. Reiter , Sushil Jajodia, An authorization model for a public key management service, ACM Transactions on Information and System Security (TISSEC), v.4 n.4, p.453-482, November 2001
Longhua Zhang , Gail-Joon Ahn , Bei-Tseng Chu, A rule-based framework for role based delegation, Proceedings of the sixth ACM symposium on Access control models and technologies, p.153-162, May 2001, Chantilly, Virginia, United States
Michael M. Swift , Peter Brundrett , Cliff Van Dyke , Praerit Garg , Anne Hopkins , Shannon Chan , Mario Goertzel , Gregory Jensenworth, Improving the granularity of access control in Windows NT, Proceedings of the sixth ACM symposium on Access control models and technologies, p.87-96, May 2001, Chantilly, Virginia, United States
Elisa Bertino , Claudio Bettini , Elena Ferrari , Pierangela Samarati, An access control model supporting periodicity constraints and temporal reasoning, ACM Transactions on Database Systems (TODS), v.23 n.3, p.231-285, Sept. 1998
Naoya Nitta , Hiroyuki Seki , Yashiaki Takata, Security verification of programs with stack inspection, Proceedings of the sixth ACM symposium on Access control models and technologies, p.31-40, May 2001, Chantilly, Virginia, United States
Dan S. Wallach , Andrew W. Appel , Edward W. Felten, SAFKASI: a security mechanism for language-based systems, ACM Transactions on Software Engineering and Methodology (TOSEM), v.9 n.4, p.341-378, Oct. 2000
Ninghui Li , Benjamin N. Grosof , Joan Feigenbaum, Delegation logic: A logic-based approach to distributed authorization, ACM Transactions on Information and System Security (TISSEC), v.6 n.1, p.128-171, February 2003
Yuh-Jong Hu, Some thoughts on agent trust and delegation, Proceedings of the fifth international conference on Autonomous agents, p.489-496, May 2001, Montreal, Quebec, Canada
Richard Hayton , Ken Moody, An open architecture for secure interworking services, Proceedings of the 7th workshop on ACM SIGOPS European workshop: Systems support for worldwide applications, September 09-11, 1996, Connemara, Ireland
Edward A. Schneider, Security architecture-based system design, Proceedings of the 1999 workshop on New security paradigms, p.25-31, September 22-24, 1999, Caledon Hills, Ontario, Canada
Stuart G. Stubblebine , Rebecca N. Wright, An authentication logic supporting synchronization, revocation, and recency, Proceedings of the 3rd ACM conference on Computer and communications security, p.95-105, March 14-15, 1996, New Delhi, India
Naoya Nitta , Yoshiaki Takata , Hiroyuki Seki, An efficient security verification method for programs with stack inspection, Proceedings of the 8th ACM conference on Computer and Communications Security, November 05-08, 2001, Philadelphia, PA, USA
Butler Lampson , Martín Abadi , Michael Burrows , Edward Wobber, Authentication in distributed systems: theory and practice, ACM Transactions on Computer Systems (TOCS), v.10 n.4, p.265-310, Nov. 1992
H. M. Gladney, Access control for large collections, ACM Transactions on Information Systems (TOIS), v.15 n.2, p.154-194, April 1997
Elisa Bertino , Claudio Bettini , Pierangela Samarati, A temporal authorization model, Proceedings of the 2nd ACM Conference on Computer and communications security, p.126-135, November 1994, Fairfax, Virginia, United States
Elisa Bertino , Sushil Jajodia , Pierangela Samarati, A flexible authorization mechanism for relational data management systems, ACM Transactions on Information Systems (TOIS), v.17 n.2, p.101-140, April 1999
Edward Wobber , Martín Abadi , Michael Burrows , Butler Lampson, Authentication in the Taos operating system, ACM Transactions on Computer Systems (TOCS), v.12 n.1, p.3-32, Feb. 1994
Stuart G. Stubblebine , Rebecca N. Wright, An Authentication Logic with Formal Semantics Supporting Synchronization, Revocation, and Recency, IEEE Transactions on Software Engineering, v.28 n.3, p.256-285, March 2002
Mirosław Kurkowski , Jerzy Pejaś, A propositional logic for access control policy in distributed systems, Artificial intelligence and security in computing systems, Kluwer Academic Publishers, Norwell, MA, 2003
Elisa Bertino , Claudio Bettini , Elena Ferrari , Pierangela Samarati, A Temporal Access Control Mechanism for Database Systems, IEEE Transactions on Knowledge and Data Engineering, v.8 n.1, p.67-80, February 1996
John Reumann , Kang G. Shin, Stateful distributed interposition, ACM Transactions on Computer Systems (TOCS), v.22 n.1, p.1-48, February 2004
Longhua Zhang , Gail-Joon Ahn , Bei-Tseng Chu, A rule-based framework for role-based delegation and revocation, ACM Transactions on Information and System Security (TISSEC), v.6 n.3, p.404-441, August 2003
Edward Wobber , Martín Abadi , Michael Burrows , Butler Lampson, Authentication in the Taos operating system, ACM SIGOPS Operating Systems Review, v.27 n.5, p.256-269, Dec. 1993
Prasun Dewan , HongHai Shen, Flexible meta access-control for collaborative applications, Proceedings of the 1998 ACM conference on Computer supported cooperative work, p.247-256, November 14-18, 1998, Seattle, Washington, United States
Jerzy Pejaś, Certificate-based access control policies description language, Artificial intelligence and security in computing systems, Kluwer Academic Publishers, Norwell, MA, 2003
Jaehong Park , Ravi Sandhu, The UCONABC usage control model, ACM Transactions on Information and System Security (TISSEC), v.7 n.1, p.128-174, February 2004
François Siewe , Antonio Cau , Hussein Zedan, A compositional framework for access control policies enforcement, Proceedings of the 2003 ACM workshop on Formal methods in security engineering, p.32-42, October 30, 2003, Washington, D.C.
Giampaolo Bella, Interactive simulation of security policies, Proceedings of the 2002 ACM symposium on Applied computing, March 11-14, 2002, Madrid, Spain
Martín Abadi , Roger Needham, Prudent Engineering Practice for Cryptographic Protocols, IEEE Transactions on Software Engineering, v.22 n.1, p.6-15, January 1996
Susan Older , Shiu-Kai Chin, Outcomes-based assessment as an assurance education tool, Security education and critical infrastructures, Kluwer Academic Publishers, Norwell, MA, 2003
Michael M. Swift , Anne Hopkins , Peter Brundrett , Cliff Van Dyke , Praerit Garg , Shannon Chan , Mario Goertzel , Gregory Jensenworth, Improving the granularity of access control for Windows 2000, ACM Transactions on Information and System Security (TISSEC), v.5 n.4, p.398-437, November 2002
Churn-Jung Liau, Belief, information acquisition, and trust in multi-agent systems: a modal logic formulation, Artificial Intelligence, v.149 n.1, p.31-60, September 2003
Hidehito Gomi , Makoto Hatakeyama , Shigeru Hosono , Satoru Fujita, A delegation framework for federated identity management, Proceedings of the 2005 workshop on Digital identity management, November 11-11, 2005, Fairfax, VA, USA
Peter Chapin , Christian Skalka , X. Sean Wang, Risk assessment in distributed authorization, Proceedings of the 2005 ACM workshop on Formal methods in security engineering, November 11-11, 2005, Fairfax, VA, USA
Ninghui Li , John C. Mitchell , William H. Winsborough, Beyond proof-of-compliance: security analysis in trust management, Journal of the ACM (JACM), v.52 n.3, p.474-514, May 2005
Christian Skalka , X. Sean Wang, Trust but verify: authorization for web services, Proceedings of the 2004 workshop on Secure web service, p.47-55, October 29-29, 2004, Fairfax, Virginia
Hua Wang , Jiuyong Li , Ron Addie , Stijn Dekeyser , Richard Watson, A framework for role-based group deligation in distributed environments, Proceedings of the 29th Australasian Computer Science Conference, p.321-328, January 16-19, 2006, Hobart, Australia
Ninghui Li , Qihua Wang, Beyond separation of duty: An algebra for specifying high-level security policies, Journal of the ACM (JACM), v.55 n.3, p.1-46, July 2008
Cédric Fournet , Andrew D. Gordon , Sergio Maffeis, A type discipline for authorization policies, ACM Transactions on Programming Languages and Systems (TOPLAS), v.29 n.5, p.25-es, August 2007
Gustavo A. Santana Torrellas, A framework for security modeling using knowledge engineering, Proceedings of the 5th WSEAS International Conference on Artificial Intelligence, Knowledge Engineering and Data Bases, p.59-64, February 15-17, 2006, Madrid, Spain
José Carmo , Olga Pacheco, Deontic and Action Logics for Organized Collective Agency, Modeled through Institutionalized Agents and Roles, Fundamenta Informaticae, v.48 n.2-3, p.129-163, April 2001
Jeff Polakow , Christian Skalka, Specifying distributed trust management in LolliMon, Proceedings of the 2006 workshop on Programming languages and analysis for security, June 10-10, 2006, Ottawa, Ontario, Canada
Martín Abadi , Andrew D. Gordon, A calculus for cryptographic protocols: the spi calculus, Proceedings of the 4th ACM conference on Computer and communications security, p.36-47, April 01-04, 1997, Zurich, Switzerland
Pieter H. Hartel , Luc Moreau, Formalizing the safety of Java, the Java virtual machine, and Java card, ACM Computing Surveys (CSUR), v.33 n.4, p.517-558, December 2001
Nataraj Nagaratnam , Doug Lea, Secure delegation for distributed object environments, Proceedings of the 4th conference on USENIX Conference on Object-Oriented Technologies and Systems (COOTS), p.8-8, April 27-30, 1998, Santa Fe, New Mexico
Nataraj Nagaratnam , Steven B. Byrne, Resource access control for an internet user agent, Proceedings of the 3rd conference on USENIX Conference on Object-Oriented Technologies (COOTS), p.15-15, June 16-20, 1997, Portland, Oregon
Gail-Joon Ahn , Badrinath Mohan , Seng-Phil Hong, Towards secure information sharing using role-based delegation, Journal of Network and Computer Applications, v.30 n.1, p.42-59, January 2007
Jon Howell , David Kotz, End-to-end authorization, Proceedings of the 4th conference on Symposium on Operating System Design & Implementation, p.11-11, October 22-25, 2000, San Diego, California
Lujo Bauer , Michael A. Schneider , Edward W. Felten, A General and Flexible Access-Control System for the Web, Proceedings of the 11th USENIX Security Symposium, p.93-108, August 05-09, 2002
Martín Abadi, Access Control in a Core Calculus of Dependency, Electronic Notes in Theoretical Computer Science (ENTCS), 172, p.5-31, April, 2007
David Pym , Chris Tofts, Systems Modelling via Resources and Processes: Philosophy, Calculus, Semantics, and Logic, Electronic Notes in Theoretical Computer Science (ENTCS), 172, p.545-587, April, 2007
Ted Wobber , Aydan Yumerefendi , Martín Abadi , Andrew Birrell , Daniel R. Simon, Authorizing applications in singularity, ACM SIGOPS Operating Systems Review, v.41 n.3, June 2007
Meenakshi Balasubramanian , Abhishek Bhatnagar , Namit Chaturvedi , Atish Datta Chowdhury , Arul Ganesh, A framework for decentralized access control, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore
Martín Abadi, Access control in a core calculus of dependency, ACM SIGPLAN Notices, v.41 n.9, September 2006
Stephen Tse , Steve Zdancewic, Run-time principals in information-flow type systems, ACM Transactions on Programming Languages and Systems (TOPLAS), v.30 n.1, p.6-es, November 2007
Stéphane Demri , Hans Nivelle, Deciding Regular Grammar Logics with Converse Through First-Order Logic, Journal of Logic, Language and Information, v.14 n.3, p.289-329, June 2005
T. V. Ryutov , G. Gheorghiu , B. C. Neuman, An authorization framework for metacomputing applications, Cluster Computing, v.2 n.2, p.165-175, 1999
Masoom Alam , Jean-Pierre Seifert , Qi Li , Xinwen Zhang, Usage control platformization via trustworthy SELinux, Proceedings of the 2008 ACM symposium on Information, computer and communications security, March 18-20, 2008, Tokyo, Japan
Miranda Mowbray , Antonio Lain, Dominator-tree analysis for distributed authorization, Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security, June 07-13, 2008, Tucson, AZ, USA
Joseph Y. Halpern , Vicky Weissman, Using First-Order Logic to Reason about Policies, ACM Transactions on Information and System Security (TISSEC), v.11 n.4, p.1-41, July 2008
Glenn Bruns , Daniel S Dantas , Michael Huth, A simple and expressive semantic framework for policy composition in access control, Proceedings of the 2007 ACM workshop on Formal methods in security engineering, p.12-21, November 02-02, 2007, Fairfax, Virginia, USA
Tommaso Flaminio , G. Michele Pinna , Elisa B. P. Tiezzi, A complete fuzzy logical system to deal with trust management systems, Fuzzy Sets and Systems, v.159 n.10, p.1191-1207, May, 2008
Esther Palomar , Juan M. E. Tapiador , Julio C. Hernandez-Castro , Arturo Ribagorda, Secure content access and replication in pure P2P networks, Computer Communications, v.31 n.2, p.266-279, February, 2008
Sarath Indrakanti , Vijay Varadharajan , Ritesh Agarwal, On the design, implementation and application of an authorisation architecture for web services, International Journal of Information and Computer Security, v.1 n.1/2, p.64-108, January 2007
Chris Lesniewski-Laas , Bryan Ford , Jacob Strauss , Robert Morris , M. Frans Kaashoek, Alpaca: extensible authorization for distributed services, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
Christian Skalka , X. Sean Wang , Peter Chapin, Risk management for distributed authorization, Journal of Computer Security, v.15 n.4, p.447-489, September 2007
Steve Barker , Marek J. Sergot , Duminda Wijesekera, Status-Based Access Control, ACM Transactions on Information and System Security (TISSEC), v.12 n.1, p.1-47, October 2008
Limin Jia , Jeffrey A. Vaughan , Karl Mazurak , Jianzhou Zhao , Luke Zarko , Joseph Schorr , Steve Zdancewic, AURA: a programming language for authorization and audit, ACM SIGPLAN Notices, v.43 n.9, September 2008
Peter C. Chapin , Christian Skalka , X. Sean Wang, Authorization in trust management: Features and foundations, ACM Computing Surveys (CSUR), v.40 n.3, p.1-48, August 2008
Zhengping Wu , Alfred C. Weaver, Requirements of federated trust management for service-oriented architectures, Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services, October 30-November 01, 2006, Markham, Ontario, Canada
Ziqing Mao , Ninghui Li , Hong Chen , Xuxian Jiang, Trojan horse resistant discretionary access control, Proceedings of the 14th ACM symposium on Access control models and technologies, June 03-05, 2009, Stresa, Italy
Limin Jia , Steve Zdancewic, Encoding information flow in Aura, Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security, June 15-21, 2009, Dublin, Ireland
Mahesh V. Tripunitara , Bogdan Carbunar, Efficient access enforcement in distributed role-based access control (RBAC) deployments, Proceedings of the 14th ACM symposium on Access control models and technologies, June 03-05, 2009, Stresa, Italy
Hua Wang , Jinli Cao , Yanchun Zhang, Delegating revocations and authorizations in collaborative business environments, Information Systems Frontiers, v.11 n.3, p.293-305, July 2009
Lujo Bauer , Limin Jia , Michael K. Reiter , David Swasey, xDomain: cross-border proofs of access, Proceedings of the 14th ACM symposium on Access control models and technologies, June 03-05, 2009, Stresa, Italy
Samson Abramsky , Radha Jagadeesan, Game Semantics for Access Control, Electronic Notes in Theoretical Computer Science (ENTCS), 249, p.135-156, August, 2009

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS

  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Authentication; Verification**

  F. Theory of Computation
  F.4 MATHEMATICAL LOGIC AND FORMAL LANGUAGES


General Terms:
Security, Theory, Verification


Keywords:
cryptographic protocols, cryptography, modal logic


REVIEW

"Ernst L. Leiss : Reviewer"

One of the major problems in the security of computer systems is access control. Its importance is increased in distributed systems. Thus, access control mechanisms in distributed systems are vital, but they are difficult to implement and even  more...

Collaborative Colleagues:
Martín Abadi: colleagues
Michael Burrows: colleagues
Butler Lampson: colleagues
Gordon Plotkin: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player