Graphical Representation of Authorization Policies for Weighted Credentials
نویسندگان
چکیده
This paper elaborates on a solution to represent authorization and delegation in a graphical way, allowing users to better interpret delegation relationships. We make use of Weighted Trust Graph (WTG) as an instrument to represent delegation and authorization, extending it to cope with more complicated concepts, and providing a graphical representation of the level of confidence that exists between two entities regarding a resource or attribute. We represent the level of confidence for each pair of entities as a point in an axis diagram, as a set of points, or as a set of triangular regions depending on the accuracy we need. Then, we use the same diagram to represent the set of acceptable confidence level, that we call authorization policy set. In this way, a single diagram can be used to decide about authorization, thus providing a powerful tool for systems in which interaction of users is needed.
منابع مشابه
Customizing Distributed Proofs of Authorization
When identity-based authorization becomes difficult due to the scalability requirements and highly dynamic nature of open distributed systems, digitally certifiable attributes can be an effective basis for specifying authorization policies. Before an authorization decision is made in such a system, a client needs to collect a set of credentials to prove that it satisfies the authorization polic...
متن کاملAn Access Control System for Business Processes for Web Services
Web Services and Business Processes for Web Services are the new paradigms for the lightweight integration of business from different enterprises. Whereas the security and access control policies for basic web services and distributed systems are well studied and almost standardized, there is not yet a comprehensive proposal for an access control architecture for business processes. The major d...
متن کاملDesign of a Role-Based Trust-Management Framework
We introduce the RT framework, a family of Rolebased Trust-management languages for representing policies and credentials in distributed authorization. RT combines the strengths of role-based access control and trustmanagement systems and is especially suitable for attributebased access control. Using a few simple credential forms, RT provides localized authority over roles, delegation in role ...
متن کاملSAFE: A Declarative Trust Management System with Linked Credentials
We present SAFE, an integrated system for managing trust using a logic-based declarative language. Logical trust systems authorize each request by constructing a proof from a context—a set of authenticated logic statements representing credentials and policies issued by various principals in a networked system. A key barrier to practical use of logical trust systems is the problem of managing p...
متن کاملInternet Credential Acceptance Policies
Servers often need a basis for establishing some degree of trust in their clients. This problem is particularly interesting for services that do not have a prior relationship with their clients. Credentials can be used to demonstrate properties of the credential bearer possibly including, but not limited to, the owner’s identity. Digital credentials are well-suited for use by any service provid...
متن کامل