TrustBuilder Publication List

A. J. Lee and M. Winslett, "Safety and Consistency in Policy-Based Authorization Systems," 13th ACM Conference on Computer and Communications Security (CCS 2006), October/November 2006. [PDF]

A. J. Lee and M. Winslett, "Safety and Consistency in Policy-Based Authorization Systems (Extended Version)," University of Illinois at Urbana-Champaign Department of Computer Science Technical Report No. UIUCDCS-R-2006-2761, August 2006. [PDF]

Carl A. Gunter, William H. Sanders, David E. Bakken, Anjan Bose, Roy Campbell, George Gross, Carl H. Hauser, Himanshu Khurana, Ravishankar K. Iyer, Zbigniew T. Kalbarczyk, Klara Nahrstedt, David M. Nicol, Thomas J. Overbye, Peter W. Sauer, Sean W. Smith, Robert J. Thomas, Von Welch, and Marianne Winslett, "Trustworthy Cyber-Infrastructure for Power (TCIP)," Proceedings of the Workshop on Research Directions for Security and Networking in Critical Real-time and Embedded Systems, San Jose, CA, April 2006. Proceedings online at http://moss.csc.ncsu.edu/~mueller/crtes06/.

R. Hasan and M. Winslett, "Synergy: A Trust-aware, Policy-driven Information Dissemination Framework", IEEE International Conference on Intelligence and Security Informatics (ISI 2006), San Diego, USA, May 23-24, 2006. [PDF]

A. J. Lee, M. Winslett, J. Basney, and V. Welch, "Traust: A Trust Negotiation-Based Authorization Service for Open Systems," The Eleventh ACM Symposium on Access Control Models and Technologies (SACMAT 2006), June 2006. [PDF]

A. J. Lee and M. Winslett, "Virtual Fingerprinting as a Foundation for Reputation in Open Systems," University of Illinois at Urbana-Champaign Department of Computer Science Technical Report No. UIUCDCS-R-2006-2691, February 2006. [PDF]

A. J. Lee and M. Winslett, "Virtual Fingerprinting as a Foundation for Reputation in Open Systems," The Fourth International Conference on Trust Management (iTrust 2006), May 2006. [PDF]

A. J. Lee, M. Winslett, J. Basney, and V. Welch, "Traust: A Trust Negotiation Based Authorization Service," Demonstration Short Paper, The Fourth International Conference on Trust Management (iTrust 2006), May 2006. [PDF]

A. J. Lee and M. Winslett, "Open Problems for Usable and Secure Open Systems," Usability Research Challenges for Cyberinfrastructure and Tools held in conjunction with ACM CHI 2006, April 2006. [PDF]

L. Olson, M. Winslett, G. Tonti, N. Seeley, A. Uszok, and J. Bradshaw, "Trust Negotiation as an Authorization Service for Web Services," International Workshop on Security and Trust in Decentralized/Distributed Data Structures (STD3S) held in conjunction with IEEE ICDE 2006, April 2006.

M. Winslett, C. C. Zhang, P. A. Bonatti, "PeerAccess: A Logic for Distributed Authorization." 12th ACM Conference on Computer and Communications Security (CCS '05), November 2005.[PDF]

A. J. Lee. "Traust: A Trust Negotiation Based Authorization Service for Open Systems." Master's Thesis, University of Illinois at Urbana-Champaign, Aug. 2005. [PDF]

A. J. Lee, G. A. Koenig, X. Meng, and W. Yurcik, "Searching for Open Windows and Unlocked Doors: Port Scanning in Large-Scale Commodity Clusters," The First International Workshop on Cluster Security held in conjunction with the Fifth IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGrid), May 2005. [PDF]

G. A. Koenig, X. Meng, A. J. Lee, M. Treaster, N. Kiyanclar, and W. Yurcik, "Cluster Security with NVisionCC: Process Monitoring by Leveraging Emergent Properties," The First International Workshop on Cluster Security held in conjunction with the Fifth IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGrid), May 2005. [PDF]

A. J. Lee, J. P. Boyer, C. Drexelius, P. Naldurg, R. L. Hill, and R. H. Campbell, "Supporting Dynamically Changing Authorizations in Pervasive Communication Systems," Second International Conference on Security in Pervasive Computing, April 2005. [PDF]

K. Lakkaraju, W. Yurcik, A. J. Lee, R. Bearavolu, Y. Li, and X. Yin, " NVisionIP: NetFlow Visualizations of System State for Security Situational Awareness ," CCS Workshop on Visualization and Data Mining for Computer Security (VizSEC/DMSEC), Oct. 2004. [PDF]

K. Lakkaraju, W. Yurcik, R. Bearvolu, and A. J. Lee, "NVisionIP: An Interactive Network Flow Visualization Tool for Security," IEEE International Conference on Systems, Man and Cybernetics (SMC), Oct. 2004. [PDF]

T. Yu and M. Winslett, "A Unified Scheme for Resource Protection in Automated Trust Negotiation,'' IEEE Symposium on Security and Privacy, Berkeley, California, May 2003. [postscript]

M. Winslett, "An Introduction to Automated Trust Negotiation,'' Workshop on Credential-Based Access Control, Dortmund, October 2002. [postscript] Earlier versions of this paper appeared as "An Introduction to Automated Trust Establishment,'' Workshop on Credential-Based Access Control, Dortmund, October 2002, and in in the International Conference on Multimedia and Its Applications, Agra, January 2003. [postscript]

T. Yu, M. Winslett, and K. E. Seamons, "Supporting Structured Credentials and Sensitive Policies through Interoperable Strategies for Automated Trust Negotiation,'' ACM Transactions on Information and System Security, volume 6, number 1, February 2003. [postscript]

M. Winslett, T. Yu, K. E. Seamons, A. Hess, J. Jacobson, R. Jarvis, B. Smith, and L. Yu, "The TrustBuilder Architecture for Trust Negotiation,'' IEEE Internet Computing, volume 6, number 6, November/December 2002, pages 30-37.

T. Yu, M. Winslett, and K. E. Seamons, "Automated Trust Negotiation over the Internet,'' 6th World Multiconference on Systemics, Cybernetics and Informatics, Orlando, July 2002. [postscript]

K. E. Seamons, M. Winslett, T. Yu, B. Smith, E. Child, J. Jacobson, H. Mills, and L. Yu, "Requirements for Policy Languages for Trust Negotiation,'' 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY 2002), Monterey, June 2002. [pdf]

K. E. Seamons, M. Winslett, T. Yu, L. Yu, and R. Jarvis, "Protecting Privacy during On-line Trust Negotiation,'' 2nd Workshop on Privacy Enhancing Technologies, San Francisco, April 2002. [pdf]

A. Hess, J. Jacobson, H. Mills, Ryan Wamsley, K. E. Seamons, and B. Smith, "Advanced Client/Server Authentication in TLS,'' Network and Distributed System Security Symposium, San Diego, February 2002. [pdf]

T. Yu, M. Winslett, and K. Seamons, "Interoperable Strategies in Automated Trust Negotiation'' Conference on Computer and Communications Security, November 2001. [postscript]  A full version with proofs and examples is also available. [full version postscript]

T. Barlow, A. Hess, and K. E. Seamons, "Trust Negotiation in Electronic Markets,'' Eighth Research Symposium in Emerging Electronic Markets, Maastricht, Netherlands, September 2001. [pdf]

K. E. Seamons, M. Winslett, and T. Yu, "Limiting the Disclosure of Access Control Policies During Automated Trust Negotiation,'' Symposium on Network and Distributed System Security, San Diego, February 2001. [pdf]

T. Yu, X. Ma, and M. Winslett, "PRUNES: An Efficient and Complete Strategy for Trust Negotiation over the Internet,'' ACM Conference on Computer and Communications Security, Athens, November 2000. [postscript]

W. H. Winsborough, K. E. Seamons, and V. E. Jones, "Automated Trust Negotiation'', DARPA Information Survivability Conference and Exposition, Hilton Head, January 2000.

W. H. Winsborough, K. E. Seamons, and V. E. Jones, "Negotiating Disclosure of Sensitive Credentials'', Second Conference on Security in Communication Networks, Amalfi, Italy, September 1999.

M. Winslett, N. Ching, V. Jones, and I. Slepchin, "Using Digital Credentials on the World-Wide Web,'' Journal of Computer Security, 1997. [postscript]

K. E. Seamons, W. Winsborough, and M. Winslett, "Internet Credential Acceptance Policies,'' Proceedings of the Workshop on Logic Programming for Internet Applications, Leuven, Belgium, July 1997.

M. Winslett, N. Ching, V. Jones and I. Slepchin, "Assuring Security and Privacy for Digital Library Transactions on the Web: Client and Server Security Policies,'' Proceedings of ADL '97 --- Forum on Research and Technology Advances in Digital Libraries, Washington, DC, May 1997. [postscript]

V. Jones, "Access Control for Client-Server Object Databases,'' Ph.D. Thesis, Department of Computer Science, University of Illinois, December 1996. [postscript]

N. Ching, V. Jones, and M. Winslett, "Authorization in the Digital Library: Secure Access to Services across Enterprise Boundaries,'' Proceedings of ADL '96 --- Forum on Research and Technology Advances in Digital Libraries, Washington, DC, May 1996. [postscript]

V. E. Jones and M. Winslett, "JaDE: Access Control in a Java-Based Object Database,'' Proceedings of OOPSLA '95 workshop on Object Database Behavior, Benchmarks, and Performance, Austin, Texas, October 1995. [postscript]

V. E. Jones, N. Ching, and M. Winslett, "Credentials for Privacy and Interoperation,'' Proceedings of the New Security Paradigms '95 Workshop, La Jolla, California, August 22-25, 1995. [postscript]

E. Bina, V. Jones, R. McCool and M. Winslett, "Secure Access to Data Over the Internet,'' Proceedings of the Third ACM/IEEE International Conference on Parallel and Distributed Information Systems, Austin, Texas, September 1994. [postscript] The full paper is also available. [full version postscript]

M. Winslett, K. Smith, and X. Qian, "Formal Query Languages for Secure Relational Databases,'' ACM Transactions on Database Systems, 19 (4) Dec 1994. [postscript]

V. Jones and M. Winslett, ``Secure Database Interoperation via Role Translation,'' in Proceedings of the OOPSLA 1993 Conference Workshop on Security in Object-Oriented Systems, Washington, DC, September 1993, pages 129--133.

K. P. Smith and M. Winslett, "Multilevel Secure Rules: Integrating the Secure and Active Data Models,'' Proceedings of the Sixth IFIP 11.3 Working Conference in Database Security, Vancouver, August 1992, pp. 33--58. [postscript]

K. P. Smith and M. Winslett, "Entity Modeling in the MLS Relational Model,'' Proceedings of the Conference on Very Large Data Bases, Vancouver, August 1992, pp. 199--210. [postscript]

K. Smith and M. Winslett, "The Importance of Declarative Semantics for MLS Relational Databases,'' Rome AFB Workshop on Future Directions in Database Security, September 1992. [postscript]

DAIS - Database and Information Systems Laboratory, Department of Computer Science, University of Illinois at Urbana-Champaign, 201 N. Goodwin Ave., Urbana, IL 61801, USA.  Fax: 217-265-6494, Phone: 217-244-6241.