Publication
A Case Study in Decentralized, Dynamic, Policy-Based,
Authorization and Trust Management - Automated Software Distribution for Airplanes
6th International Workshop on Security and Trust Management (STM 2010)
Author(s): Peter Hartmann, Monika Maidl, David von Oheimb, Richard Robinson
Year: 2010
Publisher: Springer
Editors: Jorge Cuellar, Javier Lopez
Keywords:Authorization, trust management, security tokens, logic, software distribution
Abstract:
We apply SecPAL, a logic-based policy language for decentralized
authorization and trust management, to our case study of automated software
distribution for airplanes. In contrast to established policy frameworks for
authorization like XACML, SecPAL offers constructs to express trust
relationships and delegation explicitly and to form chains of trusts. We use
these constructs in our case study to specify and reason about dynamic, ad-hoc
trust relationships between airlines and contractors of suppliers of software that
has to be loaded into airplanes.
Copyright © 2010 Boeing, Siemens, and FH Landshut
Preprint
Slides
BibTeX entry:
@inproceedings{STM10-Siemens-FHLandshut-Boeing,
author = {Peter Hartmann and Monika Maidl and Oheimb, David von and Richard Robinson},
title = {A Case Study in Decentralized, Dynamic, Policy-Based, Authorization and Trust Management --
Automated Software Distribution for Airplanes},
booktitle = {Prof. of 6th International Workshop on Security and Trust Management (STM 2010)},
editor = {Jorge Cuellar and Javier Lopez},
publisher = {Springer},
series = {LNCS},
volume = {6710},
pages = {68--83},
year = 2010,
note = {\url{http://ddvo.net/papers/STM2010.html}},
abstract = {
We apply SecPAL, a logic-based policy language for decentralized
authorization and trust management, to our case study of automated software
distribution for airplanes. In contrast to established policy frameworks for
authorization like XACML, SecPAL offers constructs to express trust
relationships and delegation explicitly and to form chains of trusts. We use
these constructs in our case study to specify and reason about dynamic, ad-hoc
trust relationships between airlines and contractors of suppliers of software that
has to be loaded into airplanes.
}
}