Abstract

Despite a plethora of recent research regarding trust management approaches to authorization, relatively little attention has been given to exactly how these technologies can be effectively deployed. In this paper, we investigate one way in which well-established logical trust management systems described in the literature can be deployed within enterprise environments. Specifically, we develop a framework within which logical trust management policies can be managed using a relational DBMS. We describe a correct and complete procedure for compiling CTM credentials into dynamic views within a database, and show how the resulting system can be used to perform role membership checks or to enumerate the members of a given role. We then propose a hybrid algorithm that leverages the logical ruleset and the underlying DBMS to efficiently enumerate the capabilities ascribed to a given user. We also present an evaluation of a prototype implementation of our framework that demonstrates the practicality of our approach. As CTM extends the RT family of trust management languages---which are representative of a large class of Datalog-based trust management systems---our work is likely generalizable to other trust management approaches.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.