Treffer: Soutei, a logic-based trust-management system system description

Title:
Soutei, a logic-based trust-management system system description
Authors:
PIMLOTT, Andrew, KISELYOV, Oleg
Source:
Functional and logic programming (8th international symposium, FLOPS 2006, Fuji-Susono, Japan, April 24-26, 2006)0FLOPS 2006. :130-145
Publisher Information:
Berlin: Springer, 2006.
Publication Year:
2006
Physical Description:
print, 24 ref 1
Original Material:
INIST-CNRS
Subject Terms:
Computer science, Informatique, Sciences exactes et technologie, Exact sciences and technology, Sciences appliquees, Applied sciences, Informatique; automatique theorique; systemes, Computer science; control theory; systems, Informatique théorique, Theoretical computing, Fonctions logiques, booléennes et de commutation, Logical, boolean and switching functions, Logiciel, Software, Systèmes informatiques et systèmes répartis. Interface utilisateur, Computer systems and distributed systems. User interface, Algorithme réparti, Distributed algorithm, Algoritmo repartido, Backtracking, Commande répartie, Distributed control, Control repartido, Confiance, Confidence, Confianza, Contrôle accès, Access control, Dialecte, Dialect, Dialecto, Déploiement, Unfolding, Despliegue, Intergiciel publication souscription, Publish subscribe middleware, Intergicial editor suscriptor, Langage déclaratif, Declarative language, Lenguaje declarativo, Méthode descendante, Top down method, Método descendente, Programmation fonctionnelle, Functional programming, Programación funcional, Programmation logique, Logical programming, Programación lógica, Psychologie sociale, Social psychology, Psicología social, Robustesse, Robustness, Robustez, Service web, Web service, Servicio web, Système réparti, Distributed system, Sistema repartido, Sécurité informatique, Computer security, Seguridad informatica
Document Type:
Konferenz Conference Paper
File Description:
text
Language:
English
Author Affiliations:
Planning Systems, Inc, Slidell, LA, United States
Fleet Numerical Meteorology and Oceanography Center, Monterey, CA, United States
ISSN:
0302-9743
Access URL:
http://pascal-francis.inist.fr/vibad/index.php?action=search&terms=19105390
Rights:
Copyright 2007 INIST-CNRS
CC BY 4.0
Sauf mention contraire ci-dessus, le contenu de cette notice bibliographique peut être utilisé dans le cadre d’une licence CC BY 4.0 Inist-CNRS / Unless otherwise stated above, the content of this bibliographic record may be used under a CC BY 4.0 licence by Inist-CNRS / A menos que se haya señalado antes, el contenido de este registro bibliográfico puede ser utilizado al amparo de una licencia CC BY 4.0 Inist-CNRS
Notes:
Computer science; theoretical automation; systems
Accession Number:
edscal.19105390
Database:
PASCAL Archive

Weitere Informationen

We describe the design and implementation of a trust-management system Soutei, a dialect of Binder, for access control in distributed systems. Soutei policies and credentials are written in a declarative logic-based security language and thus constitute distributed logic programs. Soutei policies are modular, concise, and readable. They support policy verification, and, despite the simplicity of the language, express role- and attribute-based access control lists, and conditional delegation. We describe the real-world deployment of Soutei into a publish-subscribe web service with distributed and compartmentalized administration, emphasizing the often overlooked aspect of authorizing the creation of resources and the corresponding policies. Soutei brings Binder from a research prototype into the real world. Supporting large, truly distributed policies required non-trivial changes to Binder, in particular mode-restriction and goal-directed top-down evaluation. To improve the robustness of our evaluator, we describe a fair and terminating backtracking algorithm.