Trust is an important aspect of decision making for Internet applications and particularly
influences the specification of security policy, ie, who is authorized to perform actions as well …

Trust management is one of the most challenging issues in the emerging cloud computing
area. Over the past few years, many studies have proposed different techniques to address …

Attributes define, classify, or annotate the datum to which they are assigned. However,
traditional attribute architectures and cryptosystems are ill-equipped to provide security in …

This paper discusses the rationale for designing a simple trust-management system for
public-key infrastructures, called KeyNote. The motivating principles are expressibility …

Conventional firewalls [5] rely on the notions of restricted topology and controlled entry
points to function. More precisely, they rely on the assumption that everyone on one side of …

Existing authorization mechanisms fail to provide powerful and robust tools for handling
security at the scale necessary for today's Internet. These mechanisms are coming under …

User authentication in computing systems traditionally depends on three factors: something
you have (eg, a hardware token), something you are (eg, a fingerprint), and something you …

In this article, we propose an access control mechanism for Web-based social networks,
which adopts a rule-based approach for specifying access policies on the resources owned …

We address the problem of authorization in large-scale, open, distributed systems.
Authorization decisions are needed in electronic commerce, mobile-code execution, remote …

We give goal-oriented algorithms for discovering credential chains in RT o, a role-based
trust-management language introduced in this paper. The algorithms search credential …