
Authorization Based on Evidence and Trust*

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2454))

Abstract

Developing authorization mechanisms for secure information access by a large community of users in an open environment is challenging. Current research efforts grant privileges to a user based on her objective properties, which are demonstrated by digital credentials (evidence). However, holding credentials is not sufficient to certify that a user is trustworthy. Therefore, we propose using the notion of trust to characterize the probability that a user will not harm an information system. We present a trust-enhanced role-mapping server, which cooperates with RBAC (Role-Based Access Control) mechanisms to jointly implement authorization based on evidence and trust. A prerequisite for this is our proposed formalization of trust and evidence.

This research is supported by CERIAS and NSF grants CCR-9901712 and CCR-0001788.




Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

Cite this paper

Bhargava, B., Zhong, Y. (2002). Authorization Based on Evidence and Trust. In: Kambayashi, Y., Winiwarter, W., Arikawa, M. (eds) Data Warehousing and Knowledge Discovery. DaWaK 2002. Lecture Notes in Computer Science, vol 2454. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46145-0_10

  • DOI: https://doi.org/10.1007/3-540-46145-0_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44123-6

  • Online ISBN: 978-3-540-46145-6
