Andrew G. West
Adam J. Aviv
Sampath Kannan
Insup Lee
ABSTRACT
Quantitative Trust Management (QTM) provides a dynamic interpretation of authorization policies for access control decisions based on upon evolving reputations of the entities involved. QuanTM, a QTM system, selectively combines elements from trust management and reputation management to create a novel method for policy evaluation. Trust management, while effective in managing access with delegated credentials (as in PolicyMaker and KeyNote), needs greater flexibility in handling situations of partial trust. Reputation management provides a means to quantify trust, but lacks delegation and policy enforcement.
This paper reports on QuanTM's design decisions and novel policy evaluation procedure. A representation of quantified trust relationships, the trust dependency graph, and a sample QuanTM application specific to the KeyNote trust management language, are also proposed.
- OpenBSD. http://www.openbsd.org.Google Scholar
- M. Abadi. Access control in a core calculus of dependency. ACM SIGPLAN Notices, 41(9):263--273, 1999. Google ScholarDigital Library
- M. Abadi, A. B. N. Heintze, and J. G. Riecke. A core calculus of dependency. In Proceedings of the 26th ACM Symposium on Principles of Programming Languages, pages 147--160, January 1999. Google ScholarDigital Library
- B. Atkinson. Web services security (WS-Security). http://msdn.microsoft.com/library/default.asp? url=/library/en-us/dnglobspec/html/ws-security.asp, 2002.Google Scholar
- M. Y. Becker, C. Fournet, and A. D. Gordon. SecPAL: Design and semantics of a decentralized authorization language. Technical report, Microsoft Research, 2006.Google Scholar
- M. Blaze, J. Feigenbaum, J. Ioannidis, and A. D. Keromytis. The KeyNote trust-management system, version 2. IETF RFC, 2704:164--173, September 1999. Google ScholarDigital Library
- M. Blaze, J. Feigenbaum, and A. D. Keromytis. KeyNote: Trust management for public-key infrastructures (position paper). In Security Protocols Workshop, volume 1550 of Lecture Notes in Computer Science, pages 59--63, 1999. Google ScholarDigital Library
- M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In IEEE Symposium on Security and Privacy, pages 164--173. IEEE Computer Society, 1996. Google ScholarDigital Library
- M. Blaze, S. Kannan, A. D. Keromytis, I. Lee, W. Lee, O. Sokolsky, and J. M. Smith. Dynamic trust management. IEEE Computer (Sp. Issue on Trust Mangement), 2009. Google ScholarDigital Library
- M. Colombo, F. Martinelli, P. Mori, M. Petrocchi, and A. Vaccarelli. Fine grained access control with trust and reputation management for Globus. In GADA '07, volume 4804 of LNCS, pages 1505--1515, 2007. Google Scholar
- A. Jøsang. A logic for uncertain probabilities. International Journal of Uncertainty, Fuzziness, and Knowledge-Based Systems, 9(3):279--311, June 2001. Google ScholarDigital Library
- A. Jøsang, R. Hayward, and S. Pope. Trust network analysis with subjective logic. In Proceedings of the 29th Australasian Computer Science Conference, 2006. Google ScholarDigital Library
- L. Kagal, S. Cost, T. Finin, and Y. Peng. A framework for distributed trust management. In Proceedings of IJCAI-01 Workshop on Autonomy, Delegation and Control, 2001.Google Scholar
- S. D. Kamvar, M. T. Schlosser, and H. Garcia-molina. The EigenTrust algorithm for reputation management in P2P networks. In Proceedings of the Twelfth International World Wide Web Conference, Budapest, May 2003. Google ScholarDigital Library
- A. D. Keromytis and J. M. Smith. Requirements for scalable access control and security management architectures. ACM Transactions on Internet Technology, 7(4), November 2007. Google ScholarDigital Library
- H. Li and M. Singhai. Trust management in distributed systems. IEEE Computer, 40(2):45--53, February 2007. Google ScholarDigital Library
- N. Li, B. N. Grosof, and J. Feigenbaum. Delegation Logic: A logic-based approach to distributed authorization. ACM Transactions on Information and System Security, 6, 2003. Google ScholarDigital Library
- N. Li and J. Mitchell. RT: a role-based trust-management framework. DARPA Information Survivability Conference and Exposition, 2003. Proceedings, 1:201--212, April 2003. Google ScholarDigital Library
- J. Liu and V. Issarny. Enhanced reputation mechanism for mobile ad hoc networks. LNCS, 2995:48--62, 2004.Google ScholarCross Ref
- [email protected]. FreeBSD port keynote-2.3-1. http://www.freebsd.org/ports/security.html.Google Scholar
- G. Suryanarayana, J. R. Erenkrantz, and R. N. Taylor. An architectural approach for decentralized trust management. IEEE Internet Computing, 9(6):16--23, 2005. Google ScholarDigital Library
- J. Valdes, R. E. Tarjan, and E. L. Lawler. The recognition of series parallel digraphs. In Proceedings of the 11th Annual ACM Symposium on Theory of Computing, pages 1--12, Atlanta, GA, 1979. ACM. Google ScholarDigital Library
- A. G. West, S. Kannan, I. Lee, and O. Sokolsky. An evaluation framework for reputation management systems. Working chapter for Trust Modeling and Management in Digital Environments: From Social Concept to System Development, (Zheng Yan, ed.).Google Scholar
Recommendations
Fine Grained Access Control with Trust and Reputation Management for Globus
On the Move to Meaningful Internet Systems 2007: CoopIS, DOA, ODBASE, GADA, and ISAbstractWe propose an integrated architecture, extending a framework for fine grained access control of Grid computational services, with an inference engine managing reputation and trust management credentials. Also, we present the implementation of the ...
H-Trust: A Robust and Lightweight Group Reputation System for Peer-to-Peer Desktop Grid
ICDCSW '08: Proceedings of the 2008 The 28th International Conference on Distributed Computing Systems WorkshopsWe propose a robust and lightweight group reputation system, called H-Trust, inspired by the h-index aggregation technique. Leveraging the robustness of the h-index algorithm under incomplete and uncertain circumstances, H-Trust offers a robust ...
HonestPeer
The visible success of the Peer to Peer (P2P) paradigm is associated with many challenges in finding trustworthy peers as reliable communication partners. Reputation management systems are emerging in the face of these challenges. The EigenTrust ...
Comments