Trust Management Languages and Complexity
نویسنده
چکیده
Trust management is a concept of automatic verification of access rights against distributed security policies. A policy is described by a set of credentials that define membership of roles and delegation of authority over a resource between the members of roles. Making an access control decision is equivalent to resolving a credential chain between the requester and the role, which members are authorized to use a resource. A credential is an electronic document, formulated using a trust management language. This way, trust management languages are a tool for describing credentials and specifying access control policies in a flexible and modifiable way. This paper discusses the expressive power of trust management languages, describes a new extension to Role-based Trust Managements language RT, and evaluates the complexity of algorithm that is used for answering security queries.
منابع مشابه
DATALOG with Constraints: A Foundation for Trust Management Languages
Trust management (TM) is a promising approach for authorization and access control in distributed systems, based on signed distributed policy statements expressed in a policy language. Although several TM languages are semantically equivalent to subsets of Datalog, Datalog is not sufficiently expressive for fine-grained control of structured resources. We define the class of linearly decomposab...
متن کاملA Survey on Trust Management Languages
Trust is an important aspect of decision making for Information Systems and particularly influences the specification of security policies. However, trust is a complex concept that is difficult to define precisely, and a wide variety of definition of trust have been put forward. Over last ten years, a number of trust management language have been developed to express security statements in a di...
متن کاملDeclarative Reconfigurable Trust Management
In recent years, there has been a proliferation of declarative logic-based trust management languages and systems proposed to ease the description, configuration, and enforcement of security policies. These systems have different tradeoffs in expressiveness and complexity, depending on the security constructs (e.g. authentication, delegation, secrecy, etc.) that are supported, and the assumed t...
متن کاملSome relationships between two trust management languages
In this paper, we continue our line of research for defining an integrated framework for the specification and analysis of security and trust, aimed at providing the basis for the modeling and analysis of security and trust aspects of emergent dynamic coalitions (e.g., mobile ad hoc networks, peer to peer systems, web services). In particular, we consider two well-known languages: 1) the Role-b...
متن کاملA Framework for Concrete Reputation-Systems
In a reputation-based trust-management system, agents maintain information about the past behaviour of other agents. This information is used to guide future trust-based decisions about interaction. However, while trust management is a component in security decision-making, few existing reputation-based trustmanagement systems aim to provide any formal security-guarantees. We describe a mathema...
متن کامل