
Multi-level delegations with trust management in access control systems

Journal of Intelligent Information Systems

Abstract

Delegation is a mechanism that allows one agent to act with another's privileges. It is important that privileges be delegated only to a person who is trustworthy. In this paper, we propose a multi-level delegation model with trust management in access control systems. We organize the delegation tasks into three levels, Low, Medium, and High, according to the sensitivity of the information contained in the delegation tasks. Our motivation is that the more sensitive the delegated task is, the more trustworthy the delegatee should be. To assess how trustworthy a delegatee is, we devise trust evaluation techniques that describe a delegatee's trust history and also predict the future trend of trust. In our proposed delegation model, a delegatee with a higher trust level can be assigned a higher-level delegation task. Extensive experiments show that our proposed multi-level delegation model is effective in accurately predicting trust and avoiding sensitive information disclosure.
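The gating rule described in the abstract, sketched as an added example; it is not the paper's code and does not reproduce its trust-evaluation technique. The recency-weighted average, the least-squares trend, the 0.3/0.6/0.8 thresholds and all function names are assumptions chosen for illustration, and the rating histories are constructed.

```python
from enum import IntEnum

class Level(IntEnum):
    LOW = 1
    MEDIUM = 2
    HIGH = 3

# Assumed minimum trust required per task sensitivity level (not from the paper).
THRESHOLDS = {Level.LOW: 0.3, Level.MEDIUM: 0.6, Level.HIGH: 0.8}

def current_trust(history, decay=0.7):
    """Recency-weighted mean of past ratings in [0, 1]; the newest rating is last."""
    if not history:
        return 0.0  # cold start: no history means no trust
    n = len(history)
    weights = [decay ** (n - 1 - i) for i in range(n)]
    return sum(w * r for w, r in zip(weights, history)) / sum(weights)

def trend(history):
    """Least-squares slope of the ratings over the interaction index."""
    n = len(history)
    if n < 2:
        return 0.0
    mean_x, mean_y = (n - 1) / 2, sum(history) / n
    num = sum((i - mean_x) * (r - mean_y) for i, r in enumerate(history))
    den = sum((i - mean_x) ** 2 for i in range(n))
    return num / den

def predicted_trust(history):
    """Extrapolate the next rating from the last one and the trend, clamped to [0, 1]."""
    if not history:
        return 0.0
    return min(1.0, max(0.0, history[-1] + trend(history)))

def max_delegable_level(history):
    """Highest level whose threshold is met by BOTH current and predicted trust."""
    effective = min(current_trust(history), predicted_trust(history))
    allowed = [lvl for lvl, t in THRESHOLDS.items() if effective >= t]
    return max(allowed) if allowed else None

def may_delegate(history, task_level):
    """Allow the delegation only if the task is at or below the permitted level."""
    top = max_delegable_level(history)
    return top is not None and task_level <= top

# Constructed rating histories (oldest first).
STEADY = [0.85, 0.9, 0.88, 0.9, 0.92]
DECLINING = [0.95, 0.95, 0.9, 0.85, 0.8]  # history still looks good, trend does not
NEWCOMER = []
```

Taking the minimum of the historical and predicted values means a delegatee whose past record clears the High threshold is still held to Medium tasks once the trend points below it.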



Author information


Corresponding author

Correspondence to Min Li.


Cite this article

Li, M., Sun, X., Wang, H. et al. Multi-level delegations with trust management in access control systems. J Intell Inf Syst 39, 611–626 (2012). https://doi.org/10.1007/s10844-012-0205-8


  • DOI: https://doi.org/10.1007/s10844-012-0205-8
