A Case Study in Decentralized, Dynamic, Policy-Based, Authorization and Trust Management - Automated Software Distribution for Airplanes
نویسندگان
چکیده
We apply SecPAL, a logic-based policy language for decentralized authorization and trust management, to our case study of automated software distribution for airplanes. In contrast to established policy frameworks for authorization like XACML, SecPAL offers constructs to express trust relationships and delegation explicitly and to form chains of trusts. We use these constructs in our case study to specify and reason about dynamic, ad-hoc trust relationships between airlines and contractors of suppliers of software that has to be loaded into airplanes.
منابع مشابه
Policy Based Framework for Trust Management and Evolution of Peer to Peer Groups
Peer to peer collaborative groups are becoming increasingly popular for collaborative applications like video/audio conferencing, IP telephony, file sharing, collaborative work spaces, and multi-user games. The decentralized nature of these groups gives rise to the need of a secure group layer which integrates authentication, admission control, authorization, access control and key management. ...
متن کاملA Decentralized Authorization Mechanism for E-Business Applications
E-business applications need robust and powerful mechanisms to authorize security-critical actions. This actions can be very complex, since they can be initiated not only by human users but also by applications or software agents. Existing authorization mechanisms do not scale for large number of users if the trust relations are dynamic and fail to provide reliable authorization among strangers...
متن کاملImplementation and Performance Analysis of the Role-Based Trust Management System, RTC
We present representations and algorithms for the implementation of RT , a role-based trust management language, and announce an open-source implementation available to the public. We also design and perform large-scale performance tests on policies closely modeled after possible applications of RT in the real world. These tests aim to determine the viability of RT as an authorization solution ...
متن کاملConstruction of Trust Based Dynamic Access Control Model in P2P Net- work Environment
With the development of society and technology, sharing of resources has become an indispensable component in our life. With its congenital features of high speed, rich resources, strong fault-tolerance and low cost, peer-to-peer (P2P) network occupies an important status in network resources sharing. However, this technology has serious problems in network security, especially in trust managem...
متن کاملSecurity Policy Languages and Enforcement
As organizations grow larger and more complex, and as cybersecurity becomes an increasingly important concern, there are growing needs for languages that can express complex security policies of organizations and for efficient mechanisms to enforce the policies. An essential function of security policies is to control authorization, that is, to determine whether a request to access a resource s...
متن کامل