Multi-level delegations with trust management in access control systems
Delegation is a mechanism that allows one agent to act on another’s privilege. It is important that privileges be delegated to a person who is trustworthy. In this paper, we propose a multi-level delegation model with trust management in access control systems. We organize the delegation tasks into three levels, Low, Medium, and High, according to the sensitivity of the information contained in the delegation tasks. Our motivation is that the more sensitive the delegated task is, the more trustworthy the delegatee should be. To assess how trustworthy a delegatee is, we devise trust evaluation techniques that describe a delegatee’s trust history and predict the future trend of trust. In our proposed delegation model, a delegatee with a higher trust level can be assigned a higher-level delegation task. Extensive experiments show that our proposed multi-level delegation model is effective in accurately predicting trust and avoiding sensitive information disclosure.
Journal of Intelligent Information Systems
Volume 39, Issue 3 , pp 611-626
- Springer US
- Access control
- Database management
- Trust evaluation
- Author Affiliations
- 1. Department of Mathematics & Computing, University of Southern Queensland, Toowoomba, QLD, Australia
- 2. Australian Council for Educational Research, Melbourne, Australia
- 3. School of Engineering and Science, Victoria University, Melbourne, Australia