Ultimately, authorization should be based on the extent to which the principal making a request is trusted.  We will describe a language, logic, and mechansims used for implementing this approach to authorization in the Nexus operating system and in some document-managment applications. The roles of analytic, axiomatic, and constructive bases for trust will be discussed.

Fred B. Schneider is the Samuel B. Eckert Professor of Computer Science at Cornell, where he has been on the faculty since 1978. He also serves as Chief Scientist for the NSF "TRUST" Science and Technology Center and has been Professor-at-Large at the University of Tromso (Norway) since 1996.

Schneider's research concerns trustworthy systems, most recently focusing on computer security.  His early work was in formal methods and fault-tolerant distributed systems.  He is author of the graduate textbook "On Concurrent Programming", co-author (with David Gries) of the undergraduate text "A Logical Approach to Discrete Math", and the editor of "Trust in Cyberspace" which reports findings from the US National Research Council's study committee on information systems trustworthiness Schneider chaired.

A fellow of the AAAS, ACM, and IEEE, Schneider was awarded a D.Sc. honoris causa from the University of Newcastle-upon-Tyne in 2003.  His survey paper on state machine replication received a SIGOPS Hall of Fame Award in 2007.

Schneider is a member of the board for the Computing Research Association and the council of the Computing Community Consortium.  He serves on the US congressionally mandated Information Security and Privacy Advisory Board, and is a member of the Defense Science Board. A frequent consultant to industry, he co-chairs Microsoft's TCAAB advisory board on trustworthy computing, besides serving on the technical advisory boards for Fortify Software and Cigital Corp.