
Security and Trust Management
Description
The 17 revised full papers presented were carefully reviewed and selected from 40 submissions. Focusing on high-quality original unpublished research, case studies, and implementation experiences, STM 2010 encouraged submissions discussing the application and deployment of security technologies in practice.

Content
- Title
- Preface
- STM 2010 6th International Workshop on Security and Trust Management
- Table of Contents
- An Auto-delegation Mechanism for Access Control Systems
- Introduction
- An Object-Centric Auto-delegation Mechanism
- Availability of Subjects
- The ADM Policy
- Applications
- Using the ADM
- ADM as an Exception Mechanism
- Standalone Policy
- Cryptographic Implementations of ADM
- Centralized Cryptographic Implementation
- Decentralized Cryptographic Implementation
- Conclusion
- References
- Automated Symbolic Analysis of ARBAC-Policies
- Introduction
- RBAC and ARBAC Policies
- Symbolic Representation of ARBAC Policies
- Symbolic Representation of RBAC Policies
- Symbolic Representation of Initial RBAC Policies, Constraints, and Goals
- Symbolic Representation of Administrative Actions
- Reachability and Satisfiability Modulo TARBAC
- Symbolic Analysis of ARBAC Policies
- Termination
- Preliminary Experiments
- Discussion
- References
- Influence of Attribute Freshness on Decision Making in Usage Control
- Introduction
- Background
- UCON
- Risk Analysis
- Uncertainties
- Running Example
- Risk-Aware Decision for Policy of One Attribute
- Computation of Probability
- Decision Making
- Risk of Violation of Complex Policy
- Combination of Probabilities
- Combination of Losses and Benefits
- Possible Mitigation Strategies
- Related Work
- Conclusion and Future Work
- References
- Rewrite Specifications of Access Control Policies in Distributed Environments
- Introduction
- Preliminaries
- Term Rewriting
- Category-Based Metamodel
- A Distributed Category-Based Metamodel
- Operational Semantics
- Evaluating Access Requests
- Examples
- Policy Analysis: Proving Properties of Policies
- Related Work
- Conclusions and Further Work
- References
- A Case Study in Decentralized, Dynamic, Policy-Based, Authorization and Trust Management - Automated Software Distribution for Airplanes
- Why do We Need Dynamic, Decentralized Authorization and Trust Management?
- Authorization
- Dynamic Ad-Hoc Trust Relationships
- Case Study in Automated Software Distribution to Airplanes
- Trust Relationships between Suppliers, Manufacturers and Airlines
- Trust Relationships between Airline, Service Providers and Airplanes
- Policy-Based Authorization and Trust Management
- SecPAL - Logic-Based, Decentralized Authorization
- Other Security Token Frameworks: SAML, WS-* Security and XACML
- Other Logic-Based Authorization and Trust Policy Languages
- Applying SecPAL to the Case Study
- Building and Managing Trust between Airlines and Suppliers
- Authorizing Services to Perform Tasks in Airplanes
- Demonstrator
- Conclusion
- References
- GUTS: A Framework for Adaptive and Configureable Grid User Trust Service
- Introduction
- Trust Management in Grid Environments
- Activity-Oriented Grid Trust Approach
- Activity-Aware Trust in the Grid
- Managing Grid User Trust
- Grid User Trust Service (GUTS) Framework
- Grid Middleware-Agnostic Trust Specification
- Grid Middleware-Dependent Trust Specification
- Trust Management and Visualization
- Deployment of GUTS in EGEE Grid
- EGEE Overview
- GUTS Integration with the g-Eclipse Framework
- GUTS Integration with the gLite Middleware
- Conclusion and Future Work
- References
- Aggregating Trust Using Triangular Norms in the KeyNote Trust Management System
- Introduction
- Quantifying Trust
- Trust Aggregation Using Max and Min
- Trust Aggregation Using Triangular Norms and Conorms
- Accumulating Trust
- A Model of Trust Aggregation
- Trust Aggregation in QKeyNote
- KeyNote Compliance Values as Degrees of Trust
- Aggregating Compliance Values in QKeyNote
- Accumulating Compliance Values in QKeyNote
- Compensating Aggregation Operators
- Implementing trust(X,Y)
- Discussion
- References
- An Authentication Trust Metric for Federated Identity Management Systems
- Introduction
- Related Work
- Formal Representation of Trust for Authentication
- Trust Semantics
- Inference Rules
- Direct Trust and Propagation Trust for Authentication
- Derivation of Direct Trust and Propagation Trust
- Authentication Trust Quantification
- Authentication Trust Value
- Trust Value Calculation
- Authentication Trust Assessment
- Discussion
- Conclusion and Future Work
- References
- A Trust-Augmented Voting Scheme for Collaborative Privacy Management
- Introduction
- Preliminaries
- Trust in Social Networks
- Privacy Policies
- Condorcet's Preferential Voting Scheme
- A Trust-Augmented Voting Scheme
- Incorporating Trust as Weighted Votes
- A Heuristic Algorithm
- Experimental Results
- Inference of Privacy Policies
- Discussion and Conclusion
- References
- Universally Composable NIZK Protocol in an Internet Voting Scheme
- Introduction
- Related Work
- The Internet Voting Scheme
- Security Requirements
- The Scheme
- Ballot Verification Using NIZK Protocol
- Introduction
- The NIZK Protocol
- The Security Properties of the NIZK Protocol
- Universally Composable NIZK Protocol
- The UC Framework
- Ideal Functionalities
- Universally Composable NIZK Protocol
- Conclusions
- References
- Protocol Analysis Modulo Combination of Theories: A Case Study in Maude-NPA
- Introduction
- Background on Term Rewriting
- Protocol Specification and Analysis in Maude-NPA
- A Unification Algorithm for XOR pk-sk AC
- Variant Narrowing and Variant Unification
- Finding Attacks Modulo XOR pk-sk AC Using Maude-NPA
- Related Work
- Conclusions and Future Work
- References
- Defamation-Free Networks through User-Centered Data Control
- Introduction
- Related Work
- Data Control
- Data Control vs. Usage Control
- Data Control Scenarios
- Data Control Requirements
- Solution Proposal
- Centralized Architecture
- Decentralized P2P Architecture
- Centralized vs. Decentralized
- Conclusion
- Future Work
- References
- InDico: Information Flow Analysis of Business Processes for Confidentiality Requirements
- Introduction
- Running Example
- Colored Petri Net
- IFnet: Modeling Business Processes for IF Analysis
- Labeling Strategies
- Workflow Isolation
- Analysis of IFnet Models
- Causality of Activities
- Resource Conflicts
- Discussion and Related Work
- Summary
- References
- Stateful Authorization Logic: Proof Theory and a Case Study
- Introduction
- Case Study: Stateful Authorization by Example
- The Logic BL: Syntax and Proof Theory
- BL0: The says Connective
- BL1: State Predicates
- BL: Explicit Time and the @ Connective
- Metatheory of BL
- Related Work
- Conclusion
- References
- Privacy-Friendly Energy-Metering via Homomorphic Encryption
- Introduction
- Background on Smart Metering
- Stakeholders
- Privacy Concerns
- Centralised Trust
- Secure Authentication and Local Storage: "Power to the Meter"
- Basic Protocols
- The No-Leakage Protocol
- Security Notions
- Security Analysis
- Conclusions
- References
- Extending an RFID Security and Privacy Model by Considering Forward Untraceability
- Introduction
- RFID Privacy Models
- Extended RFID Security and Privacy Model
- System Model
- Adversarial Model
- Privacy Classes
- Security Properties
- Privacy
- The Notion of Forward Untraceability for RFID
- Analysis of the Song and Mitchell's Scheme
- Violating the Forward Untraceability
- Server Impersonation Attack after Corrupting the Tag
- Analysis of the Cai et al.'s Scheme
- Analysis of the Lim and Kwon's Scheme
- Analysis of the Forward Untraceability
- Analysis of Server Impersonation
- Conclusion
- References
- Protecting Privacy of Sensitive Value Distributions in Data Release
- Introduction
- Motivation and Reference Scenario
- Data Model and Problem Definition
- Assessing Exposure
- Controlling Exposure and Regulating Release
- Related Work
- Conclusions
- References
- Author Index
System requirements
File format: PDF
Copy protection: Watermark-DRM (Digital Rights Management)
System requirements:
- Computer (Windows; MacOS X; Linux): Use the free software Adobe Reader, Adobe Digital Editions, or any other PDF viewer of your choice (see eBook Help).
- Tablet/Smartphone (Android; iOS): Install the free app Adobe Digital Editions or another reading app for eBooks, e.g., PocketBook (see eBook Help).
- E-reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (Kindle: limited support only).
The file format PDF always displays a book page identically on any hardware. This makes PDF suitable for complex layouts such as those used in textbooks and reference books (images, tables, columns, footnotes). Unfortunately, on the small screens of e-readers or smartphones, PDFs are rather annoying, requiring too much scrolling.
This eBook uses Watermark-DRM, a "soft" copy protection. This means that there are no technical restrictions to prevent illegal distribution. However, there is a personalised watermark embedded in the eBook that can be used to identify the purchaser of the eBook in the event of misuse and to provide evidence for legal purposes.
For more information, see our eBook Help page.