{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:53:27Z","timestamp":1750308807698,"version":"3.41.0"},"reference-count":33,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2009,10,1]],"date-time":"2009-10-01T00:00:00Z","timestamp":1254355200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000143","name":"Division of Computing and Communication Foundations","doi-asserted-by":"publisher","award":["CCR-0325951CCF-0524010"],"award-info":[{"award-number":["CCR-0325951CCF-0524010"]}],"id":[{"id":"10.13039\/100000143","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CCR-0325951CCF-0524010"],"award-info":[{"award-number":["CCR-0325951CCF-0524010"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Inf. Syst. Secur."],"published-print":{"date-parts":[[2009,10]]},"abstract":"<jats:p>We introduce the use, monitoring, and enforcement of integrity constraints in trust management-style authorization systems. We consider what portions of the policy state must be monitored to detect violations of integrity constraints. Then, we address the fact that not all participants in a trust-management system can be trusted to assist in such monitoring, and show how many integrity constraints can be monitored in a conservative manner so that trusted participants detect and report if the system enters a policy state from which evolution in unmonitored portions of the policy could lead to a constraint violation.<\/jats:p>","DOI":"10.1145\/1609956.1609961","type":"journal-article","created":{"date-parts":[[2009,11,4]],"date-time":"2009-11-04T18:28:31Z","timestamp":1257359311000},"page":"1-27","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Maintaining control while delegating trust"],"prefix":"10.1145","volume":"13","author":[{"given":"Sandro","family":"Etalle","sequence":"first","affiliation":[{"name":"University of Twente"}]},{"given":"William H.","family":"Winsborough","sequence":"additional","affiliation":[{"name":"University of Texas at San Antonio"}]}],"member":"320","published-online":{"date-parts":[[2009,11,6]]},"reference":[{"volume-title":"From Logic Programming to Prolog","author":"Apt K. R.","key":"e_1_2_2_1_1","unstructured":"Apt , K. R. 1997. From Logic Programming to Prolog . Prentice Hall , Upper Saddle River, NJ. Apt, K. R. 1997. From Logic Programming to Prolog. Prentice Hall, Upper Saddle River, NJ."},{"key":"e_1_2_2_2_1","doi-asserted-by":"crossref","unstructured":"Blaze M. Feigenbaum J. Ioannidis J. and Keromytis A. 1999a. The KeyNote trust management system version 2. IETF RFC 2704.  Blaze M. Feigenbaum J. Ioannidis J. and Keromytis A. 1999a. The KeyNote trust management system version 2. IETF RFC 2704.","DOI":"10.17487\/rfc2704"},{"key":"e_1_2_2_3_1","doi-asserted-by":"crossref","unstructured":"Blaze M. Feigenbaum J. Ioannidis J. and Keromytis A. 1999b. The role of trust management in distributed systems security. In Secure Internet Programming: Security Issues for Mobile and Distributed Objects J. Vitek and C. Jensen Eds. Springer-Verlag Berlin 185--210.   Blaze M. Feigenbaum J. Ioannidis J. and Keromytis A. 1999b. The role of trust management in distributed systems security. In Secure Internet Programming: Security Issues for Mobile and Distributed Objects J. Vitek and C. Jensen Eds. Springer-Verlag Berlin 185--210.","DOI":"10.1007\/3-540-48749-2_8"},{"volume-title":"Proceedings of the IEEE Symposium on Security and Privacy. IEEE","author":"Blaze M.","key":"e_1_2_2_4_1","unstructured":"Blaze , M. , Feigenbaum , J. , and Lacy , J . 1996. Decentralized trust management . In Proceedings of the IEEE Symposium on Security and Privacy. IEEE , Los Alamitos, CA, 164--173. Blaze, M., Feigenbaum, J., and Lacy, J. 1996. Decentralized trust management. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE, Los Alamitos, CA, 164--173."},{"key":"e_1_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.5555\/512756.512758"},{"key":"e_1_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1016\/0743-1066(84)90014-1"},{"key":"e_1_2_2_7_1","doi-asserted-by":"crossref","unstructured":"Ellison C. Frantz B. Lampson B. Rivest R. Thomas B. and Ylonen T. 1999. SPKI certificate theory. IETF RFC 2693.  Ellison C. Frantz B. Lampson B. Rivest R. Thomas B. and Ylonen T. 1999. SPKI certificate theory. IETF RFC 2693.","DOI":"10.17487\/rfc2693"},{"key":"e_1_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1063979.1063981"},{"key":"e_1_2_2_9_1","doi-asserted-by":"crossref","unstructured":"Godfrey P. Grant J. Gryz J. and Minker J. 1998. Integrity constraints: Semantics and applications. In Logics for Databases and Information Systems J. Chomicki and G. Saake Eds. Kluwer Academic The Netherlands 265--306.   Godfrey P. Grant J. Gryz J. and Minker J. 1998. Integrity constraints: Semantics and applications. In Logics for Databases and Information Systems J. Chomicki and G. Saake Eds. Kluwer Academic The Netherlands 265--306.","DOI":"10.1007\/978-1-4615-5643-5_9"},{"key":"e_1_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-00768-2_4"},{"key":"e_1_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.5555\/365950.365956"},{"key":"e_1_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/360303.360333"},{"key":"e_1_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/115790.115796"},{"key":"e_1_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.5555\/882495.884431"},{"volume-title":"Proceedings of 13th International Conference on Very Large Databases (VLDB'97)","author":"Kowalski R.","key":"e_1_2_2_15_1","unstructured":"Kowalski , R. , Sadri , F. , and Soper , P . 1987. Integrity checking in deductive databases . In Proceedings of 13th International Conference on Very Large Databases (VLDB'97) . Morgan Kaufmann, San Francisco, CA, 61--69. Kowalski, R., Sadri, F., and Soper, P. 1987. Integrity checking in deductive databases. In Proceedings of 13th International Conference on Very Large Databases (VLDB'97). Morgan Kaufmann, San Francisco, CA, 61--69."},{"key":"e_1_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/605434.605438"},{"volume-title":"Proceedings of the IEEE Symposium on Research in Security and Privacy. IEEE","author":"Li N.","key":"e_1_2_2_17_1","unstructured":"Li , N. , Mitchell , J. , and Winsborough , W . 2002. Design of a role-based trust management framework . In Proceedings of the IEEE Symposium on Research in Security and Privacy. IEEE , Los Alamitos, CA, 114--130. Li, N., Mitchell, J., and Winsborough, W. 2002. Design of a role-based trust management framework. In Proceedings of the IEEE Symposium on Research in Security and Privacy. IEEE, Los Alamitos, CA, 114--130."},{"volume-title":"Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages (PADL'03)","author":"Li N.","key":"e_1_2_2_18_1","unstructured":"Li , N. and Mitchell , J. C . 2003. Datalog with constraints: A foundation for trust management languages . In Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages (PADL'03) . Springer-Verlag, Berlin, 58--73. Li, N. and Mitchell, J. C. 2003. Datalog with constraints: A foundation for trust management languages. In Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages (PADL'03). Springer-Verlag, Berlin, 58--73."},{"key":"e_1_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1066100.1066103"},{"key":"e_1_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1187441.1187442"},{"key":"e_1_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.5555\/773065.773067"},{"key":"e_1_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1016\/0743-1066(87)90009-4"},{"key":"e_1_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1016\/0743-1066(85)90013-5"},{"key":"e_1_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/10731.10734"},{"key":"e_1_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.5555\/645917.672152"},{"key":"e_1_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1533057.1533098"},{"key":"e_1_2_2_27_1","unstructured":"Rivest R. and Lampson B. 1996. SDSI\u2014a simple distributed security infrastructure. http:\/\/theory.lcs.mit.edu\/_rivest\/sdsi11.html.  Rivest R. and Lampson B. 1996. SDSI\u2014a simple distributed security infrastructure. http:\/\/theory.lcs.mit.edu\/_rivest\/sdsi11.html."},{"key":"e_1_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/300830.300839"},{"key":"e_1_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.485845"},{"key":"e_1_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSFW.2006.22"},{"key":"e_1_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ic.2007.05.006"},{"key":"e_1_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315300"},{"key":"e_1_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.5555\/882495.884430"}],"container-title":["ACM Transactions on Information and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1609956.1609961","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1609956.1609961","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T20:26:14Z","timestamp":1750278374000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1609956.1609961"}},"subtitle":["Integrity constraints in trust management"],"short-title":[],"issued":{"date-parts":[[2009,10]]},"references-count":33,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2009,10]]}},"alternative-id":["10.1145\/1609956.1609961"],"URL":"https:\/\/doi.org\/10.1145\/1609956.1609961","relation":{},"ISSN":["1094-9224","1557-7406"],"issn-type":[{"type":"print","value":"1094-9224"},{"type":"electronic","value":"1557-7406"}],"subject":[],"published":{"date-parts":[[2009,10]]},"assertion":[{"value":"2006-11-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2009-02-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2009-11-06","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}